CVE-2020-25036 Information

Jun 07, 2022 cve

Description

UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI and access a shell with admin user rights via an unprotected less command.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

https://blog.globadis.com/blog/ucopia-v6-multiple-cves-root/ https://ucopia.com/en/solutions/product-line-wifi/

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.8

Share on: