Vulnerability Details CVE-2020-13620
Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- https://lucadidomenico.medium.com/fastgate-gpon-cross-site-request-forgery-cve-2020-13620-e279f3fbaee4
- https://members.backbox.org/fastgate-gpon-cross-site-request-forgery/
- https://lucadidomenico.medium.com/fastgate-gpon-cross-site-request-forgery-cve-2020-13620-e279f3fbaee4
- https://members.backbox.org/fastgate-gpon-cross-site-request-forgery/
Products affected by CVE-2020-13620
-
cpe:2.3:h:fastweb:fastgate_gpon_fga2130fwb:-
-
cpe:2.3:o:fastweb:fastgate_gpon_fga2130fwb_firmware:-
-
cpe:2.3:o:fastweb:fastgate_gpon_fga2130fwb_firmware:18.3.n.0482_fw_233_fga2130
-
cpe:2.3:o:fastweb:fastgate_gpon_fga2130fwb_firmware:2020-05-26