Vulnerability Details CVE-2020-5636
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.6%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 5.2
References
- https://jvn.jp/en/jp/JVN55917325/index.html
- https://jvn.jp/jp/JVN55917325/index.html
- https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
- https://jvn.jp/en/jp/JVN55917325/index.html
- https://jvn.jp/jp/JVN55917325/index.html
- https://www.necplatforms.co.jp/product/security_ap/info_20201211.html
Products affected by CVE-2020-5636
-
cpe:2.3:h:necplatforms:aterm_sa3500g:-
-
cpe:2.3:o:necplatforms:aterm_sa3500g_firmware:-