CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-28929

Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://blog.bssi.fr/multiple-vulnerabilities-within-epson-eps-tse-server-8/#vulnerability-1
https://blog.bssi.fr/multiple-vulnerabilities-within-epson-eps-tse-server-8/#vulnerability-1

Products affected by CVE-2020-28929

Epson » Eps Tse Server 8 » Version: N/A

cpe:2.3:h:epson:eps_tse_server_8:-
Epson » Eps Tse Server 8 Firmware » Version: 21.0.11

cpe:2.3:o:epson:eps_tse_server_8_firmware:21.0.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-28929

Products

Pricing

Contact Us