CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-8976

CRITICAL
9.6
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile42.26th
Published2022年10月17日
Last Modified2024年11月21日

Vulnerability Description

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request.

Affected Platforms (CPE)

💻
Zigor

Zgr Tps200 Ng Firmware

= 2.00

References & Advisories

🔗 https://www.incibe-cert.es/en/early-warning/ics-advisories/multiple-vulnerabilities-zgr-tps200-ng
🔗 https://www.incibe-cert.es/en/early-warning/ics-advisories/multiple-vulnerabilities-zgr-tps200-ng

相关漏洞威胁

CVE-2020-897410.0

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restric...

CVE-2020-89739.3

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. Thi...

CVE-2020-89757.5

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application ...

CVE-2020-393610.0

UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers ...