Vulnerability Details CVE-2020-21883
Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.101
EPSS Ranking 92.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2020-21883
-
cpe:2.3:h:indionetworks:unibox_u1000:-
-
cpe:2.3:h:indionetworks:unibox_u2500:-
-
cpe:2.3:h:indionetworks:unibox_u5000:-
-
cpe:2.3:h:indionetworks:unibox_u500:-
-
cpe:2.3:h:indionetworks:unibox_u50:-
-
cpe:2.3:o:indionetworks:unibox_u1000_firmware:2.4
-
cpe:2.3:o:indionetworks:unibox_u2500_firmware:2.4
-
cpe:2.3:o:indionetworks:unibox_u5000_firmware:2.4
-
cpe:2.3:o:indionetworks:unibox_u500_firmware:2.4
-
cpe:2.3:o:indionetworks:unibox_u50_firmware:2.4