Lucene search

MitreCVE-2020-24113

HistoryAug 22, 2023 - 10:15 p.m.

CVE-2020-24113

2023-08-2222:15:08

CWE-22

mitre

web.nvd.nist.gov

cve-2020-24113

directory traversal

yealink

w60b

information security

vulnerability

dos

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

Confidence

High

EPSS

0.002

Percentile

52.0%

JSON

Directory Traversal vulnerability in Contacts File Upload Interface in Yealink W60B version 77.83.0.85, allows attackers to gain sensitive information and cause a denial of service (DoS).

Affected configurations

Nvd

Node

yealinkw60b_firmwareMatch77.83.0.85

AND

yealinkw60bMatch-

VendorProductVersionCPE
yealinkw60b_firmware77.83.0.85cpe:2.3:o:yealink:w60b_firmware:77.83.0.85:*:*:*:*:*:*:*
yealinkw60b-cpe:2.3:h:yealink:w60b:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
yealink	w60b_firmware	77.83.0.85	cpe:2.3:o:yealink:w60b_firmware:77.83.0.85:::::::*
yealink	w60b	-	cpe:2.3:h:yealink:w60b:-:::::::*

References

fuo.fi/CVE-2020-24113/

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

Confidence

High

EPSS

0.002

Percentile

52.0%

JSON

Related for CVE-2020-24113