CNNVD-202512-1815 Information

Dec 10, 2025 cve

CNNVD ID

CNNVD-202512-1815

CVE-2020-36892

CNNVD Published: 2025-12-10

Description (Chinese)

Eibiz i-Media Server Digital Signage是泰国Eibiz公司的一个数字标牌服务器。 Eibiz i-Media Server Digital Signage 3.8.0版本存在访问控制错误漏洞，该漏洞源于updateUser对象存在权限提升，可能导致账户接管。

Description (English)

Eibiz i-Media Server Digital Signage is a digital brand server for Eibiz in Thailand. Version 3.8.0 of Eibiz i-Media Server Digital Signage contains an error access control loophole, which stems from the increase in the power of theupdateUser object, which may lead to the account taking over.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

Eibiz

Published

2025-12-10

Last Modified

2026-02-24

References

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5584.php http://www.eibiz.co.th https://www.vulncheck.com/advisories/eibiz-i-media-server-digital-signage-unauthenticated-privilege-escalation https://www.exploit-db.com/exploits/48774 https://access.redhat.com/security/cve/cve-2020-36892

Share on: