CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6954

An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by viewing the URL after a Connection String Test. This password is shown in the webpass parameter of a media_folder.cgi?apply_mode=ping_server URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.2%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://nileshsapariya.blogspot.com/2020/01/cayin-smp-pro4-signage-media-player.html
https://nileshsapariya.blogspot.com/2020/01/cayin-smp-pro4-signage-media-player.html

Products affected by CVE-2020-6954

Cayintech » Smp-Pro4 » Version: N/A

cpe:2.3:h:cayintech:smp-pro4:-
Cayintech » Smp-Pro4 Firmware » Version: N/A

cpe:2.3:o:cayintech:smp-pro4_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6954

Products

Pricing

Contact Us