Vulnerability Details CVE-2020-13527
An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.2%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2020-13527
-
cpe:2.3:h:lantronix:sgx:-
-
cpe:2.3:h:lantronix:xport_edge:-
-
cpe:2.3:o:lantronix:sgx_firmware:8.7.0.0
-
cpe:2.3:o:lantronix:sgx_firmware:8.9.0.0
-
cpe:2.3:o:lantronix:xport_edge_firmware:3.0.0.0
-
cpe:2.3:o:lantronix:xport_edge_firmware:3.1.0.0
-
cpe:2.3:o:lantronix:xport_edge_firmware:3.4.0.0
-
cpe:2.3:o:lantronix:xport_edge_firmware:4.2.0.0