CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-16208

The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.3

References

http://packetstormsecurity.com/files/159064/Red-Lion-N-Tron-702-W-702M12-W-2.0.26-XSS-CSRF-Shell.html
http://seclists.org/fulldisclosure/2020/Sep/6
https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01
http://packetstormsecurity.com/files/159064/Red-Lion-N-Tron-702-W-702M12-W-2.0.26-XSS-CSRF-Shell.html
http://seclists.org/fulldisclosure/2020/Sep/6
https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01

Products affected by CVE-2020-16208

Redlion » N-Tron 702-W » Version: N/A

cpe:2.3:h:redlion:n-tron_702-w:-
Redlion » N-Tron 702m12-W » Version: N/A

cpe:2.3:h:redlion:n-tron_702m12-w:-
Redlion » N-Tron 702-W Firmware » Version: N/A

cpe:2.3:o:redlion:n-tron_702-w_firmware:-
Redlion » N-Tron 702m12-W Firmware » Version: N/A

cpe:2.3:o:redlion:n-tron_702m12-w_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-16208

Products

Pricing

Contact Us