Lucene search

MitreCVE-2020-21933

HistoryJul 21, 2021 - 3:15 p.m.

CVE-2020-21933

2021-07-2115:15:12

CWE-532

mitre

web.nvd.nist.gov

motorola

cx2 router

cve-2020-21933

security issue

password exposure

private key exposure

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.6

Confidence

High

EPSS

0.003

Percentile

70.8%

JSON

An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.

Affected configurations

Nvd

Node

motorolacx2_firmwareMatch1.0.2

AND

motorolacx2Match-

VendorProductVersionCPE
motorolacx2_firmware1.0.2cpe:2.3:o:motorola:cx2_firmware:1.0.2:*:*:*:*:*:*:*
motorolacx2-cpe:2.3:h:motorola:cx2:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
motorola	cx2_firmware	1.0.2	cpe:2.3:o:motorola:cx2_firmware:1.0.2:::::::*
motorola	cx2	-	cpe:2.3:h:motorola:cx2:-:::::::*

References

github.com/cc-crack/router/blob/master/motocx2.md

l0n0l.xyz/post/motocx2/

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.6

Confidence

High

EPSS

0.003

Percentile

70.8%

JSON

Related for CVE-2020-21933