Sign-up

ID

VAR-202101-2015


TITLE

New Cape Electronics Co., Ltd. Internet of Things platform has an arbitrary file download vulnerability (CNVD-2020-72458)

Trust: 0.6

sources: CNVD: CNVD-2020-72458

DESCRIPTION

The business scope of New Cape Electronics Co., Ltd. includes: computer system integration, development and operation and maintenance, software, smart card machines, smart terminals, electronic instruments, etc. New Cape Electronics Co., Ltd. Internet of Things platform has an arbitrary file download vulnerability. Attackers can use this vulnerability to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2020-72458

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-72458

AFFECTED PRODUCTS

vendor:new capemodel:internet of things platformscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2020-72458

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2020-72458
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2020-72458
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2020-72458

EXTERNAL IDS

db:CNVDid:CNVD-2020-72458

Trust: 0.6

sources: CNVD: CNVD-2020-72458

SOURCES

db:CNVDid:CNVD-2020-72458

LAST UPDATE DATE

2022-05-04T10:18:04.887000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-72458date:2020-12-18T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-72458date:2021-01-23T00:00:00