exploitDog

CVE-2020-9525

Опубликовано: 10 авг. 2020

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.

Ссылки

https://hacked.camera
Third Party Advisory
https://redprocyon.com
Third Party Advisory
https://hacked.camera
Third Party Advisory
https://redprocyon.com
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cs2-network:p2p:*:*:*:*:*:*:*:*

Версия до 3.0.3a (включая)

EPSS

Процентиль: 72%

0.00716

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-gx2p-6h82-ccjf

github

больше 3 лет назад

CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.

EPSS

Процентиль: 72%

0.00716

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-200