Sign-up

ID

VAR-202107-1826


TITLE

The Lenovo Xiaoxin XY300 projector has a directory traversal vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-39823

DESCRIPTION

Xiaoxin XY300 projector is a home, portable mini projector. The Lenovo Xiaoxin XY300 projector has a directory traversal vulnerability, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-39823

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-39823

AFFECTED PRODUCTS

vendor:lenovomodel:xiaoxin xy300 projectorscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-39823

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-39823
value: LOW

Trust: 0.6

CNVD: CNVD-2021-39823
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-39823

EXTERNAL IDS

db:CNVDid:CNVD-2021-39823

Trust: 0.6

sources: CNVD: CNVD-2021-39823

SOURCES

db:CNVDid:CNVD-2021-39823

LAST UPDATE DATE

2022-05-04T09:41:59.380000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-39823date:2021-06-07T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-39823date:2021-07-08T00:00:00