VDB
CVE-2020-16204
CVE-2020-16204
PUBLISHED
CVSS 10 CRITICAL
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).
EPSS 3.24% · 87.4th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
3.24%
87.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| redlion | n-tron_702m12-w_firmware | |
| n/a | N-Tron 702-W / 702M12-W | Versions prior to all versions |
| redlion | n-tron_702-w_firmware |
Timeline
- Aug 27, 2020 CVE Published
- Sep 4, 2020 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01 url
- 20200902 SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W mailing-list
- http://packetstormsecurity.com/files/159064/Red-Lion-N-Tron-702-W-702M12-W-2.0.26-XSS-CSRF-Shell.html url
- https://nvd.nist.gov/vuln/detail/CVE-2020-16204 advisory