Vulnerability Details CVE-2019-20481
In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.3%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 5.0
References
Products affected by CVE-2019-20481
-
cpe:2.3:h:miele:xgw_3000_zigbee_gateway:-
-
cpe:2.3:o:miele:xgw_3000_zigbee_gateway_firmware:*