CVE Daily

CVE-2020-6170

An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1...

Critical CVSS 9.8

Overview

An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI.

CWE: CWE-200 Published: 2020-01-08T06:15:12.383
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags