← Back

CVE-2020-24246

nvd nist
Published: Oct 7, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.

Affected (55)

Products: Peplink: Balance 20x Firmware, Balance 310x Firmware, Mbx Firmware, Epx Firmware, Sdx Firmware, Balance 30 Lte Firmware, Balance 20 Firmware, Balance 30 Firmware, Balance 30 Pro Firmware, Balance 50 Firmware, Balance One Firmware, Balance Two Firmware, Balance 210 Firmware, Balance 310 Firmware, Balance 305 Firmware, Balance 380 Firmware, Balance 580 Firmware, Balance 710 Firmware, Balance 1350 Firmware, Balance 2500 Firmware, Max Br1 Mk2 Firmware, Max Br1 Classic Firmware, Max Br1 Slim Firmware, Max Br1 Mini Firmware, Max Br1 M2m Firmware, Max Br1 Ent Firmware, Max Br1 Pro Firmware, Max Br1 Ip67 Firmware, Max Br2 Firmware, Max Br1 Ip55 Firmware, Max Br2 Ip55 Firmware, Max Hd2 Ip67 Firmware, Max Hd2 Mini Firmware, Max Hd2 Firmware, Max Hd1 Dome Firmware, Max Hd2 Dome Firmware, Max Hd4 Firmware, Max Hd4 Ip67 Firmware, Max Transit Firmware, Max Transit Duo Firmware, Max Transit Mini Firmware, Max Hotspot Firmware, Max On The Go Firmware, Max 700 Firmware, Ubr Lte Firmware, Surf Soho Firmware, Surf Soho Mk3 Firmware, Mediafast 200 Firmware, Mediafast 500 Firmware, Mediafast 750 Firmware, Mediafast Hd2 Firmware, Mediafast Hd4 Firmware, Speedfusion Sfe Firmware, Speedfusion Sfe Cam Firmware, Fusionhub Firmware
Peplink
55 products
Balance 20x Firmware
Balance 310x Firmware
Mbx Firmware
Epx Firmware
Sdx Firmware
Balance 30 Lte Firmware
Balance 20 Firmware
Balance 30 Firmware
Balance 30 Pro Firmware
Balance 50 Firmware
Balance One Firmware
Balance Two Firmware
Balance 210 Firmware
Balance 310 Firmware
Balance 305 Firmware
Balance 380 Firmware
Balance 580 Firmware
Balance 710 Firmware
Balance 1350 Firmware
Balance 2500 Firmware
Max Br1 Mk2 Firmware
Max Br1 Classic Firmware
Max Br1 Slim Firmware
Max Br1 Mini Firmware
Max Br1 M2m Firmware
Max Br1 Ent Firmware
Max Br1 Pro Firmware
Max Br1 Ip67 Firmware
Max Br2 Firmware
Max Br1 Ip55 Firmware
Max Br2 Ip55 Firmware
Max Hd2 Ip67 Firmware
Max Hd2 Mini Firmware
Max Hd2 Firmware
Max Hd1 Dome Firmware
Max Hd2 Dome Firmware
Max Hd4 Firmware
Max Hd4 Ip67 Firmware
Max Transit Firmware
Max Transit Duo Firmware
Max Transit Mini Firmware
Max Hotspot Firmware
Max On The Go Firmware
Max 700 Firmware
Ubr Lte Firmware
Surf Soho Firmware
Surf Soho Mk3 Firmware
Mediafast 200 Firmware
Mediafast 500 Firmware
Mediafast 750 Firmware
Mediafast Hd2 Firmware
Mediafast Hd4 Firmware
Speedfusion Sfe Firmware
Speedfusion Sfe Cam Firmware
Fusionhub Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 20x Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 20x
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 310x Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 310x
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mbx Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Mbx
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Epx Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Epx
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdx Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Sdx
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 30 Lte Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 30 Lte
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 20 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 20
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 30 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 30
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 30 Pro Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 30 Pro
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 50 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 50
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance One Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance One
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance Two Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance Two
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 210 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 210
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 310 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 310
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 305 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 305
Version hw2
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 380 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 380
Version hw6
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 580 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 580
Version hw2-3
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 710 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 710
Version hw3
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 1350 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 1350
Version hw2
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Balance 2500 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Balance 2500
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 Mk2 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 Mk2
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 Classic Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 Classic
Version hw2-3
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 Slim Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 Slim
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 Mini Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 Mini
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 M2m Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 M2m
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 Ent Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 Ent
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 Pro Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 Pro
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 Ip67 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 Ip67
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br2 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br2
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br1 Ip55 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br1 Ip55
Version hw2-4
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Br2 Ip55 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Br2 Ip55
Version hw2-3
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Hd2 Ip67 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Hd2 Ip67
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Hd2 Mini Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Hd2 Mini
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Hd2 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Hd2
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Hd1 Dome Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Hd1 Dome
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Hd2 Dome Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Hd2 Dome
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Hd4 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Hd4
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Hd4 Ip67 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Hd4 Ip67
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Transit Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Transit
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Transit Duo Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Transit Duo
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Transit Mini Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Transit Mini
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max Hotspot Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max Hotspot
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max On The Go Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max On The Go
Version hw2
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Max 700 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Max 700
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ubr Lte Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Ubr Lte
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Surf Soho Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Surf Soho
Version hw2
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Surf Soho Mk3 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Surf Soho Mk3
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mediafast 200 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Mediafast 200
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mediafast 500 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Mediafast 500
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mediafast 750 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Mediafast 750
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mediafast Hd2 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Mediafast Hd2
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mediafast Hd4 Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Mediafast Hd4
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Speedfusion Sfe Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Speedfusion Sfe
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Speedfusion Sfe Cam Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Speedfusion Sfe Cam
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fusionhub Firmware
Up to 8.1.0
Running on/withPlatform Versions
Peplink
Fusionhub
All versions

References (4)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory

Timeline

No history available yet.