CVE-2020-6954
CVE-2020-6954 affects Cayin SMP-PRO4 digital signage players. A user can view a saved password by inspecting the URL after a Connection String Test; the password is exposed in the webpass parameter of the media_folder.cgi?apply_mode=ping_server URI. The impact is partial confidentiality (per CVSS...