CVE-2020-24246

Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
peplinkbalance_20x_firmware
𝑥
≤ 8.1.0
peplinkbalance_310x_firmware
𝑥
≤ 8.1.0
peplinkmbx_firmware
𝑥
≤ 8.1.0
peplinkepx_firmware
𝑥
≤ 8.1.0
peplinksdx_firmware
𝑥
≤ 8.1.0
peplinkbalance_30_lte_firmware
𝑥
≤ 8.1.0
peplinkbalance_20_firmware
𝑥
≤ 8.1.0
peplinkbalance_30_firmware
𝑥
≤ 8.1.0
peplinkbalance_30_pro_firmware
𝑥
≤ 8.1.0
peplinkbalance_50_firmware
𝑥
≤ 8.1.0
peplinkbalance_50_firmware
𝑥
≤ 8.1.0
peplinkbalance_one_firmware
𝑥
≤ 8.1.0
peplinkbalance_two_firmware
𝑥
≤ 8.1.0
peplinkbalance_210_firmware
𝑥
≤ 8.1.0
peplinkbalance_210_firmware
𝑥
≤ 8.1.0
peplinkbalance_310_firmware
𝑥
≤ 8.1.0
peplinkbalance_305_firmware
𝑥
≤ 8.1.0
peplinkbalance_380_firmware
𝑥
≤ 8.1.0
peplinkbalance_580_firmware
𝑥
≤ 8.1.0
peplinkbalance_710_firmware
𝑥
≤ 8.1.0
peplinkbalance_1350_firmware
𝑥
≤ 8.1.0
peplinkbalance_2500_firmware
𝑥
≤ 8.1.0
peplinkmax_br1_mk2_firmware
𝑥
≤ 8.1.0
peplinkmax_br1_classic_firmware
𝑥
≤ 8.1.0
peplinkmax_br1_slim_firmware
𝑥
≤ 8.1.0
peplinkmax_br1_mini_firmware
𝑥
≤ 8.1.0
peplinkmax_br1_m2m_firmware
𝑥
≤ 8.1.0
peplinkmax_br1_ent_firmware
𝑥
≤ 8.1.0
peplinkmax_br1_pro_firmware
𝑥
≤ 8.1.0
peplinkmax_br1__ip67_firmware
𝑥
≤ 8.1.0
peplinkmax_br2_firmware
𝑥
≤ 8.1.0
peplinkmax_br1_ip55_firmware
𝑥
≤ 8.1.0
peplinkmax_br2_ip55_firmware
𝑥
≤ 8.1.0
peplinkmax_hd2_ip67_firmware
𝑥
≤ 8.1.0
peplinkmax_hd2_mini_firmware
𝑥
≤ 8.1.0
peplinkmax_hd2_firmware
𝑥
≤ 8.1.0
peplinkmax_hd1_dome_firmware
𝑥
≤ 8.1.0
peplinkmax_hd2_dome_firmware
𝑥
≤ 8.1.0
peplinkmax_hd4_firmware
𝑥
≤ 8.1.0
peplinkmax_hd4_ip67_firmware
𝑥
≤ 8.1.0
peplinkmax_transit_firmware
𝑥
≤ 8.1.0
peplinkmax_transit_duo_firmware
𝑥
≤ 8.1.0
peplinkmax_transit_mini_firmware
𝑥
≤ 8.1.0
peplinkmax_hotspot_firmware
𝑥
≤ 8.1.0
peplinkmax_on-the-go_firmware
𝑥
≤ 8.1.0
peplinkmax_700_firmware
𝑥
≤ 8.1.0
peplinkubr_lte_firmware
𝑥
≤ 8.1.0
peplinksurf_soho_firmware
𝑥
≤ 8.1.0
peplinksurf_soho_mk3_firmware
𝑥
≤ 8.1.0
peplinkmediafast_200_firmware
𝑥
≤ 8.1.0
peplinkmediafast_500_firmware
𝑥
≤ 8.1.0
peplinkmediafast_750_firmware
𝑥
≤ 8.1.0
peplinkmediafast_hd2_firmware
𝑥
≤ 8.1.0
peplinkmediafast_hd4_firmware
𝑥
≤ 8.1.0
peplinkspeedfusion_sfe_firmware
𝑥
≤ 8.1.0
peplinkspeedfusion_sfe_cam_firmware
𝑥
≤ 8.1.0
peplinkfusionhub_firmware
𝑥
≤ 8.1.0
𝑥
= Vulnerable software versions
References
https://blog.bssi.fr/cve-2020-24246-leaking-source-file-using-the-web-admin-interface-of-peplink-balance/
https://download.peplink.com/resources/firmware-8.1.0rc1-release-notes.pdf
https://blog.bssi.fr/cve-2020-24246-leaking-source-file-using-the-web-admin-interface-of-peplink-balance/
https://download.peplink.com/resources/firmware-8.1.0rc1-release-notes.pdf