CRITICAL🇵🇱 Wersja polska

CVE-2020-10288

CVSS 9.8v3.1pub. 2020-07-15upd. 2024-11-21

IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Abb Irb140

    HW
    Abb
    wszystkie wersje
  • Abb Irc5

    HW
    Abb
    wszystkie wersje
  • Abb Robotware

    APP
    Abb
    5.09
  • Windriver Vxworks

    OS
    Windriver
    5.5.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2020-35198CRITICAL9.8ten sam produkt

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calcu...

CVE-2021-29999CRITICAL9.8ten sam produkt

An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.

CVE-2021-29998CRITICAL9.8ten sam produkt

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.

CVE-2016-20009CRITICAL9.8ten sam produkt

A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOT...

CVE-2020-10287CRITICAL9.8ten sam produkt

The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly avail...