CVE-2020-36921

RED-V Super Digital Signage System 5.1.1 Log Information Disclosure Vulnerability

CVSS 6.9 MEDIUMEPSS 0.4%CWE-548

RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Produtos afetados

RED · RED-V Super Digital Signage System RXV-A740R

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://cxsecurity.com/issue/WLB-2020110130 https://exchange.xforce.ibmcloud.com/vulnerabilities/191803 https://packetstormsecurity.com/files/160073 https://www.red-v.tv/https://www.vulncheck.com/advisories/red-v-super-digital-signage-system-log-information-disclosure-vulnerability https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5609.php