← Back

CVE-2020-16259

nvd nist
Published: Oct 28, 2020Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user.

Affected (1)

Winstonprivacy
1 product
Winston Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Winston Firmware
Version 1.5.4
Running on/withPlatform Versions
Winstonprivacy
Winston
All versions

References (4)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Product
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Product

Timeline

No history available yet.