Vulnerability Details CVE-2020-12106
The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2020-12106
-
cpe:2.3:h:stengg:vpncrypt_m10:-
-
cpe:2.3:o:stengg:vpncrypt_m10_firmware:2.6.5