Vulnerability Details CVE-2020-8976
The integrated server of the ZGR TPS200 NG on its 2.00 firmware version and 1.01 hardware version, allows a remote attacker to perform actions with the permissions of a victim user. For this to happen, the victim user has to have an active session and triggers the malicious request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.3%
CVSS Severity
CVSS v3 Score 9.6
References
Products affected by CVE-2020-8976
-
cpe:2.3:h:zigor:zgr_tps200_ng:1.01
-
cpe:2.3:o:zigor:zgr_tps200_ng_firmware:2.00