CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7470

Sonoff TH 10 and 16 devices with firmware 6.6.0.21 allows XSS via the Friendly Name 1 field (after a successful login with the Web Admin Password).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.5%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

Products affected by CVE-2020-7470

Sonoff » Th10 » Version: N/A

cpe:2.3:h:sonoff:th10:-
Sonoff » Th16 » Version: N/A

cpe:2.3:h:sonoff:th16:-
Sonoff » Th10 Firmware » Version: 6.6.0.21

cpe:2.3:o:sonoff:th10_firmware:6.6.0.21
Sonoff » Th16 Firmware » Version: 6.6.0.21

cpe:2.3:o:sonoff:th16_firmware:6.6.0.21

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved