Lucene search

K
cve[email protected]CVE-2020-22253
HistoryApr 06, 2022 - 11:15 p.m.

CVE-2020-22253

2022-04-0623:15:08
web.nvd.nist.gov
39
cve-2020-22253
xiongmai technology co
open port 9530
unauthenticated attackers
arbitrary telnet connections
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

58.3%

Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.

Affected configurations

NVD
Node
xiongmaitechahb7008t-mh-v2Match-
AND
xiongmaitechahb7008t-mh-v2_firmwareMatch4.02.r11.7601.nat.onvifc.20170420
Node
xiongmaitechahb7804r-elsMatch-
AND
xiongmaitechahb7804r-els_firmwareMatch4.02.r11.nat.onvifc.20160422
Node
xiongmaitechahb7804r-mh-v2Match-
AND
xiongmaitechahb7804r-mh-v2_firmwareMatch4.02.r11.7601.nat.onvifc.20170424
Node
xiongmaitechahb7808r-ms-v2Match-
AND
xiongmaitechahb7808r-ms-v2_firmwareMatch4.02.r11.nat.onvifc.20170327
Node
xiongmaitechahb7808r-msMatch-
AND
xiongmaitechahb7808r-ms_firmwareMatch4.02.r11.nat.onvifc.20170328
Node
xiongmaitechahb7808t-ms-v2Match-
AND
xiongmaitechahb7808t-ms-v2_firmwareMatch4.02.r11.nat.onvifc.20161205
Node
xiongmaitechahb7804r-lmsMatch-
AND
xiongmaitechahb7804r-lms_firmwareMatch4.02.r11.nat.onvifc.20170301
Node
xiongmaitechhi3518e_50h10l_s39Match-
AND
xiongmaitechhi3518e_50h10l_s39_firmwareMatch4.02.r12.nat.onvifs.20170727_all

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

58.3%

Related for CVE-2020-22253