CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-8973

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0820%
EPSS Percentile7.35th
Published2022年10月17日
Last Modified2024年11月21日

Vulnerability Description

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user on the web that owns the device.

Affected Platforms (CPE)

💻
Zigor

Zgr Tps200 Ng Firmware

= 2.00

References & Advisories

🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng
🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng

関連する脆弱性情報

CVE-2020-897410.0

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restric...

CVE-2020-89769.6

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to per...

CVE-2020-89757.5

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application ...

CVE-2020-676910.0

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker ...