CyberSec.Space Logo
Back to CVE Browser

CVE-2020-8974

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile9.58th
PublishedOct 17, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable.

Affected Platforms (CPE)

💻
Zigor

Zgr Tps200 Ng Firmware

= 2.00

References & Advisories

🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng
🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng

Related Vulnerabilities

CVE-2020-89769.6

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to per...

CVE-2020-89739.3

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. Thi...

CVE-2020-89757.5

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application ...

CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are ...