CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-8974

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile9.58th
Published2022年10月17日
Last Modified2024年11月21日

Vulnerability Description

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable.

Affected Platforms (CPE)

💻
Zigor

Zgr Tps200 Ng Firmware

= 2.00

References & Advisories

🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng
🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng

相關漏洞威脅

CVE-2020-89769.6

The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to per...

CVE-2020-89739.3

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. Thi...

CVE-2020-89757.5

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application ...

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...