Vulnerability Details CVE-2020-12447
A Local File Inclusion (LFI) issue on Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal, as demonstrated by reading /etc/shadow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.719
EPSS Ranking 98.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2020-12447
-
cpe:2.3:h:onkyo:tx-nr585:-
-
cpe:2.3:o:onkyo:tx-nr585_firmware:1000-0000-000-0008-0000