Vulnerability Details CVE-2020-10176
ASSA ABLOY Yale WIPC-301W 2.x.2.29 through 2.x.2.43_p1 devices allow Eval Injection of commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://firedome.io/blog/firedome-discloses-0-day-vulnerabilities-in-yale-ip-cameras/
- https://lp.firedome.io/hubfs/Yale%20WIPC-301W%20RCE%20Vulnerability%20Report%205-6.pdf
- https://firedome.io/blog/firedome-discloses-0-day-vulnerabilities-in-yale-ip-cameras/
- https://lp.firedome.io/hubfs/Yale%20WIPC-301W%20RCE%20Vulnerability%20Report%205-6.pdf
Products affected by CVE-2020-10176
-
cpe:2.3:h:assaabloy:yale_wipc-301w:-
-
cpe:2.3:o:assaabloy:yale_wipc-301w_firmware:2.x.2.29
-
cpe:2.3:o:assaabloy:yale_wipc-301w_firmware:2.x.2.43