← back
CVE-2020-36921

RED-V Super Digital Signage System 5.1.1 Log Information Disclosure Vulnerability

CVSS 6.9 MEDIUMEPSS 0.4%CWE-548
RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
RED · RED-V Super Digital Signage System RXV-A740R

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cxsecurity.com/issue/WLB-2020110130https://exchange.xforce.ibmcloud.com/vulnerabilities/191803https://packetstormsecurity.com/files/160073https://www.red-v.tv/https://www.vulncheck.com/advisories/red-v-super-digital-signage-system-log-information-disclosure-vulnerabilityhttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5609.php