CNNVD-202512-1813 Information

CNNVD ID

CNNVD-202512-1813

Related CVE

CVE-2020-36894

• CNNVD Published: 2025-12-10

Description (Chinese)

Eibiz i-Media Server Digital Signage是泰国Eibiz公司的一个数字标牌服务器。 Eibiz i-Media Server Digital Signage 3.8.0版本存在访问控制错误漏洞，该漏洞源于AMF编码对象操作存在认证绕过，可能导致创建管理员账户。

Description (English)

Eibiz i-Media Server Digital Signage is a digital brand server for Eibiz in Thailand. Version 3.8.0 of Eibiz i-Media Server Digital Signage contains a bug in access control, which results from the authentication bypass of the AMF encoded object operation, which may lead to the creation of an administrator account.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

Eibiz

Published

2025-12-10

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/eibiz-i-media-server-digital-signage-unauthenticated-user-creation-vulnerability https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5586.php http://www.eibiz.co.th https://www.exploit-db.com/exploits/48763 https://access.redhat.com/security/cve/cve-2020-36894