Vulnerability-Lookup

BDU:2021-02146

Vulnerability from fstec - Published: 27.12.2019

Title

Уязвимость оптических линейных терминалов CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, FD8000, связанная с жёстким кодированием регистрационных данных, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Description

Уязвимость оптических линейных терминалов CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, FD8000 связана с жёстким кодированием регистрационных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

C-data

Software Name

72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204SN, FD1204SN-R2, FD1204S-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, FD8000

Software Version

1.2.2 (72408A), 2.4.05_000 (72408A), 2.4.04_001 (72408A), 2.4.03_000 (72408A), 1.2.2 (9008A), 1.2.2 (9016A), 1.2.2 (92408A), 1.2.2 (92416A), 1.2.2 (9288), 1.2.2 (97016), 1.2.2 (97024P), 1.2.2 (97028P), 1.2.2 (97042P), 1.2.2 (97084P), 1.2.2 (97168P), 1.2.2 (FD1002S), 1.2.2 (FD1104), 1.2.2 (FD1104B), 1.2.2 (FD1104S), 1.2.2 (FD1104SN), 1.2.2 (FD1108S), 1.2.2 (FD1204SN), 1.2.2 (FD1204SN-R2), 1.2.2 (FD1204S-R2), 1.2.2 (FD1208S-R2), 1.2.2 (FD1216S-R1), 1.2.2 (FD1608GS), 1.2.2 (FD1608SN), 1.2.2 (FD1616GS), 1.2.2 (FD1616SN), 1.2.2 (FD8000), 2.4.05_000 (FD8000), 2.4.05_000 (FD1616SN), 2.4.05_000 (FD1616GS), 2.4.05_000 (FD1608SN), 2.4.05_000 (FD1608GS), 2.4.05_000 (FD1216S-R1), 2.4.05_000 (FD1208S-R2), 2.4.05_000 (FD1204S-R2), 2.4.05_000 (FD1204SN-R2), 2.4.05_000 (FD1204SN), 2.4.05_000 (FD1108S), 2.4.05_000 (FD1104SN), 2.4.05_000 (FD1104S), 2.4.05_000 (FD1104B), 2.4.05_000 (FD1104), 2.4.05_000 (FD1002S), 2.4.05_000 (97168P), 2.4.05_000 (97084P), 2.4.05_000 (97042P), 2.4.05_000 (97028P), 2.4.05_000 (97024P), 2.4.05_000 (97016), 2.4.05_000 (9288), 2.4.05_000 (92416A), 2.4.05_000 (92408A), 2.4.05_000 (9016A), 2.4.05_000 (9008A), 2.4.04_001 (9008A), 2.4.04_001 (9016A), 2.4.04_001 (92408A), 2.4.04_001 (92416A), 2.4.04_001 (9288), 2.4.04_001 (97016), 2.4.04_001 (97024P), 2.4.04_001 (97028P), 2.4.04_001 (97042P), 2.4.04_001 (97084P), 2.4.04_001 (97168P), 2.4.04_001 (FD1002S), 2.4.04_001 (FD1104), 2.4.04_001 (FD1104B), 2.4.04_001 (FD1104S), 2.4.04_001 (FD1104SN), 2.4.04_001 (FD1108S), 2.4.04_001 (FD1204SN), 2.4.04_001 (FD1204SN-R2), 2.4.04_001 (FD1204S-R2), 2.4.04_001 (FD1208S-R2), 2.4.04_001 (FD1216S-R1), 2.4.04_001 (FD1608GS), 2.4.04_001 (FD1608SN), 2.4.04_001 (FD1616GS), 2.4.04_001 (FD1616SN), 2.4.04_001 (FD8000), 2.4.03_000 (FD8000), 2.4.03_000 (FD1616SN), 2.4.03_000 (FD1616GS), 2.4.03_000 (FD1608SN), 2.4.03_000 (FD1608GS), 2.4.03_000 (FD1216S-R1), 2.4.03_000 (FD1208S-R2), 2.4.03_000 (FD1204S-R2), 2.4.03_000 (FD1204SN-R2), 2.4.03_000 (FD1204SN), 2.4.03_000 (FD1108S), 2.4.03_000 (FD1104SN), 2.4.03_000 (FD1104S), 2.4.03_000 (FD1104B), 2.4.03_000 (FD1104), 2.4.03_000 (FD1002S), 2.4.03_000 (97168P), 2.4.03_000 (97084P), 2.4.03_000 (97042P), 2.4.03_000 (97028P), 2.4.03_000 (97024P), 2.4.03_000 (97016), 2.4.03_000 (9288), 2.4.03_000 (92416A), 2.4.03_000 (92408A), 2.4.03_000 (9016A), 2.4.03_000 (9008A)

Reference

https://www.securitylab.ru/news/509964.php https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html

CWE

CWE-798

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "C-data",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.2.2 (72408A), 2.4.05_000 (72408A), 2.4.04_001 (72408A), 2.4.03_000 (72408A), 1.2.2 (9008A), 1.2.2 (9016A), 1.2.2 (92408A), 1.2.2 (92416A), 1.2.2 (9288), 1.2.2 (97016), 1.2.2 (97024P), 1.2.2 (97028P), 1.2.2 (97042P), 1.2.2 (97084P), 1.2.2 (97168P), 1.2.2 (FD1002S), 1.2.2 (FD1104), 1.2.2 (FD1104B), 1.2.2 (FD1104S), 1.2.2 (FD1104SN), 1.2.2 (FD1108S), 1.2.2 (FD1204SN), 1.2.2 (FD1204SN-R2), 1.2.2 (FD1204S-R2), 1.2.2 (FD1208S-R2), 1.2.2 (FD1216S-R1), 1.2.2 (FD1608GS), 1.2.2 (FD1608SN), 1.2.2 (FD1616GS), 1.2.2 (FD1616SN), 1.2.2 (FD8000), 2.4.05_000 (FD8000), 2.4.05_000 (FD1616SN), 2.4.05_000 (FD1616GS), 2.4.05_000 (FD1608SN), 2.4.05_000 (FD1608GS), 2.4.05_000 (FD1216S-R1), 2.4.05_000 (FD1208S-R2), 2.4.05_000 (FD1204S-R2), 2.4.05_000 (FD1204SN-R2), 2.4.05_000 (FD1204SN), 2.4.05_000 (FD1108S), 2.4.05_000 (FD1104SN), 2.4.05_000 (FD1104S), 2.4.05_000 (FD1104B), 2.4.05_000 (FD1104), 2.4.05_000 (FD1002S), 2.4.05_000 (97168P), 2.4.05_000 (97084P), 2.4.05_000 (97042P), 2.4.05_000 (97028P), 2.4.05_000 (97024P), 2.4.05_000 (97016), 2.4.05_000 (9288), 2.4.05_000 (92416A), 2.4.05_000 (92408A), 2.4.05_000 (9016A), 2.4.05_000 (9008A), 2.4.04_001 (9008A), 2.4.04_001 (9016A), 2.4.04_001 (92408A), 2.4.04_001 (92416A), 2.4.04_001 (9288), 2.4.04_001 (97016), 2.4.04_001 (97024P), 2.4.04_001 (97028P), 2.4.04_001 (97042P), 2.4.04_001 (97084P), 2.4.04_001 (97168P), 2.4.04_001 (FD1002S), 2.4.04_001 (FD1104), 2.4.04_001 (FD1104B), 2.4.04_001 (FD1104S), 2.4.04_001 (FD1104SN), 2.4.04_001 (FD1108S), 2.4.04_001 (FD1204SN), 2.4.04_001 (FD1204SN-R2), 2.4.04_001 (FD1204S-R2), 2.4.04_001 (FD1208S-R2), 2.4.04_001 (FD1216S-R1), 2.4.04_001 (FD1608GS), 2.4.04_001 (FD1608SN), 2.4.04_001 (FD1616GS), 2.4.04_001 (FD1616SN), 2.4.04_001 (FD8000), 2.4.03_000 (FD8000), 2.4.03_000 (FD1616SN), 2.4.03_000 (FD1616GS), 2.4.03_000 (FD1608SN), 2.4.03_000 (FD1608GS), 2.4.03_000 (FD1216S-R1), 2.4.03_000 (FD1208S-R2), 2.4.03_000 (FD1204S-R2), 2.4.03_000 (FD1204SN-R2), 2.4.03_000 (FD1204SN), 2.4.03_000 (FD1108S), 2.4.03_000 (FD1104SN), 2.4.03_000 (FD1104S), 2.4.03_000 (FD1104B), 2.4.03_000 (FD1104), 2.4.03_000 (FD1002S), 2.4.03_000 (97168P), 2.4.03_000 (97084P), 2.4.03_000 (97042P), 2.4.03_000 (97028P), 2.4.03_000 (97024P), 2.4.03_000 (97016), 2.4.03_000 (9288), 2.4.03_000 (92416A), 2.4.03_000 (92408A), 2.4.03_000 (9016A), 2.4.03_000 (9008A)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": null,
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.12.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.04.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.04.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-02146",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-29059",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204SN, FD1204SN-R2, FD1204S-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, FD8000",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043b\u0438\u043d\u0435\u0439\u043d\u044b\u0445 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u043e\u0432 CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, FD8000, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0436\u0451\u0441\u0442\u043a\u0438\u043c \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0416\u0435\u0441\u0442\u043a\u043e\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-798)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043b\u0438\u043d\u0435\u0439\u043d\u044b\u0445 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u043e\u0432 CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, FD8000 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0436\u0451\u0441\u0442\u043a\u0438\u043c \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.securitylab.ru/news/509964.php\nhttps://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-798",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

CVE-2020-29059 (GCVE-0-2020-29059)

Vulnerability from cvelistv5 – Published: 2020-11-24 20:58 – Updated: 2024-08-04 16:48

Summary

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default panger123 password for the suma123 account for certain old firmware.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2021-02146

CVE-2020-29059 (GCVE-0-2020-29059)

Tags

Sightings

Nomenclature