← volver
CVE-2020-8973

ZGR TPS200 NG Improper access control

CVSS 9.3 CRITICALEPSS 0.4%CWE-284
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.3EPSS 0.4%KEV nãoPoC Patch
Ciclo de vida
17 oct 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user on the web that owns the device.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Productos afectados
ZGR · ZGR TPS200 NG

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng