Vulnerability Details CVE-2020-10209
Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows man-in-the-middle attackers to execute arbitrary commands with root level privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.4%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 9.3
References
Products affected by CVE-2020-10209
-
cpe:2.3:h:amino:ak45x:-
-
cpe:2.3:h:amino:ak5xx:-
-
cpe:2.3:h:amino:ak65x:-
-
cpe:2.3:h:amino:aria6xx:-
-
cpe:2.3:h:amino:aria7xx:-
-
cpe:2.3:h:amino:kami7b:-
-
cpe:2.3:o:amino:ak45x_firmware:-
-
cpe:2.3:o:amino:ak5xx_firmware:-
-
cpe:2.3:o:amino:ak65x_firmware:-
-
cpe:2.3:o:amino:aria6xx_firmware:-
-
cpe:2.3:o:amino:aria7xx_firmware:-
-
cpe:2.3:o:amino:kami7b_firmware:-