Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2020-24355
HistorySep 02, 2020 - 11:15 a.m.

CVE-2020-24355

2020-09-0211:15:09
mitre
www.cve.org
3
zyxel router
firmware vulnerability
insecure permissions
account manipulation
cve-2020-24355

AI Score

9.4

Confidence

High

EPSS

0.01

Percentile

83.6%

JSON

Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by insecure permissions which allows regular and other users to create new users with elevated privileges. This is done by changing β€œFirstIndex” field in JSON that is POST-ed during account creation. Similar may also be possible with account deletion.

Related

cve 1
prion 1
checkpoint_advisories 1
nvd 1
cve
cve
CVE-2020-24355
2020-09-02 12:15:10
prion
prion
Arbitrary file deletion
2020-09-02 12:15:00
checkpoint_advisories
checkpoint_advisories
Zyxel Routers Privilege Escalation (CVE-2020-24355)
2020-10-19 00:00:00
nvd
nvd
CVE-2020-24355
2020-09-02 12:15:10

AI Score

9.4

Confidence

High

EPSS

0.01

Percentile

83.6%

JSON
Related for CVELIST:CVE-2020-24355
cve1prion1checkpoint_advisories1nvd1