Vulnerability Details CVE-2020-5635
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 5.8
References
- https://jvn.jp/en/jp/JVN55917325/index.html
- https://jvn.jp/jp/JVN55917325/index.html
- https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
- https://jvn.jp/en/jp/JVN55917325/index.html
- https://jvn.jp/jp/JVN55917325/index.html
- https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
Products affected by CVE-2020-5635
-
cpe:2.3:h:necplatforms:aterm_sa3500g:-
-
cpe:2.3:o:necplatforms:aterm_sa3500g_firmware:-