exploitDog

CVE-2020-35296

Опубликовано: 03 мар. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administratior dashboard access.

Ссылки

https://github.com/Shrimant12/CVE-References/blob/main/CVE-2020-35296.md
Exploit
Third Party Advisory
https://github.com/zoujingli/ThinkAdmin
Product
https://smshrimant.com/admin-panel-access-using-default-credentials/
Exploit
Third Party Advisory
URL Repurposed
https://github.com/Shrimant12/CVE-References/blob/main/CVE-2020-35296.md
Exploit
Third Party Advisory
https://github.com/zoujingli/ThinkAdmin
Product
https://smshrimant.com/admin-panel-access-using-default-credentials/
Exploit
Third Party Advisory
URL Repurposed

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:thinkadmin:thinkadmin:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01102

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-cxv7-6jgf-7gwf

CVSS3: 7.5

github

больше 3 лет назад

ThinkAdmin Admin Panel Access using Default Credentials

EPSS

Процентиль: 78%

0.01102

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-798