Lucene search

[email protected]NVD:CVE-2020-8973

HistoryOct 17, 2022 - 10:15 p.m.

CVE-2020-8973

2022-10-1722:15:10

CWE-284

[email protected]

web.nvd.nist.gov

zgr tps200

firmware

hardware

vulnerability

network access

parameters changing

8.1 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

26.5%

JSON

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user on the web that owns the device.

Affected configurations

NVD

Node

zigorzgr_tps200_ng_firmwareMatch2.00

AND

zigorzgr_tps200_ngMatch1.01

References

www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng

8.1 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

26.5%

JSON

Related for NVD:CVE-2020-8973

cve1 prion1 cvelist1