CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-17383

A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an unauthenticated individual root level access to the device's file system. This can be used to identify configuration settings, password hashes for built-in accounts, and the cleartext password for remote configuration of the device through the WebUI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.063

EPSS Ranking 90.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2020-17383

Telosalliance » Z/ip One » Version: N/A

cpe:2.3:h:telosalliance:z/ip_one:-
Telosalliance » Z/ip One Firmware » Version: N/A

cpe:2.3:o:telosalliance:z/ip_one_firmware:-
Telosalliance » Z/ip One Firmware » Version: 1.5.0r

cpe:2.3:o:telosalliance:z/ip_one_firmware:1.5.0r
Telosalliance » Z/ip One Firmware » Version: 1.6.0r

cpe:2.3:o:telosalliance:z/ip_one_firmware:1.6.0r
Telosalliance » Z/ip One Firmware » Version: 1.7.0r

cpe:2.3:o:telosalliance:z/ip_one_firmware:1.7.0r
Telosalliance » Z/ip One Firmware » Version: 1.9.0r

cpe:2.3:o:telosalliance:z/ip_one_firmware:1.9.0r
Telosalliance » Z/ip One Firmware » Version: 2.0.0r

cpe:2.3:o:telosalliance:z/ip_one_firmware:2.0.0r
Telosalliance » Z/ip One Firmware » Version: 3.0.0r

cpe:2.3:o:telosalliance:z/ip_one_firmware:3.0.0r
Telosalliance » Z/ip One Firmware » Version: 4.0.0r

cpe:2.3:o:telosalliance:z/ip_one_firmware:4.0.0r

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-17383

Products

Pricing

Contact Us