CVE-2020-21933

Published: Jul 21, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.

Affected (1)

Products: Motorola: Cx2 Firmware

Motorola

1 product

Cx2 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Motorola Cx2 Firmware	Version 1.0.2

Running on/with	Platform Versions
Motorola Cx2	All versions

Related CWEs

CWE-532

Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References (4)

https://github.com/cc-crack/router/blob/master/motocx2.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://l0n0l.xyz/post/motocx2/

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/cc-crack/router/blob/master/motocx2.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://l0n0l.xyz/post/motocx2/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.