CVE-2020-15058

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
lindy-international42633_firmware
2.078.000
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://research.hisolutions.com/2020/05/critical-vulnerabilites-in-multiple-usb-network-servers/
https://research.hisolutions.com/2020/05/critical-vulnerabilites-in-multiple-usb-network-servers/