CVE-2020-26510

2020-11-1618:56:01

mitre

www.cve.org

9.9 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

JSON

Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed Tomcat Manager for deployment of a new .war file, with resultant remote code execution.

References

www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-033.txt