CVE-2020-22253

Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
xiongmaitechahb7008t-mh-v2_firmware
4.02.r11.7601.nat.onvifc.20170420:r11.7601
xiongmaitechahb7804r-els_firmware
4.02.r11.nat.onvifc.20160422:r11.nat
xiongmaitechahb7804r-mh-v2_firmware
4.02.r11.7601.nat.onvifc.20170424:r11.7601
xiongmaitechahb7808r-ms-v2_firmware
4.02.r11.nat.onvifc.20170327:r11.nat
xiongmaitechahb7808r-ms_firmware
4.02.r11.nat.onvifc.20170328:r11.nat
xiongmaitechahb7808t-ms-v2_firmware
4.02.r11.nat.onvifc.20161205:r11.nat
xiongmaitechahb7804r-lms_firmware
4.02.r11.nat.onvifc.20170301:r11.nat
xiongmaitechhi3518e_50h10l_s39_firmware
4.02.r12.nat.onvifs.20170727_all:r12.nat
𝑥
= Vulnerable software versions
References
http://www.xiongmaitech.com/en/index.php/news/info/12/68
http://www.xiongmaitech.com/en/index.php/news/info/12/68