1. Home
  2. CVE Database
  3. CVE-2020-22253
CRITICAL · 9.8

CVE-2020-22253

Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 ope...

Vulnerability Description

Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
XiongmaitechAhb7008T-Mh-V2 Firmware4.02.r11.7601.nat.onvifc.20170420
XiongmaitechAhb7008T-Mh-V2-
XiongmaitechAhb7804R-Els Firmware4.02.r11.nat.onvifc.20160422
XiongmaitechAhb7804R-Els-
XiongmaitechAhb7804R-Mh-V2 Firmware4.02.r11.7601.nat.onvifc.20170424
XiongmaitechAhb7804R-Mh-V2-
XiongmaitechAhb7808R-Ms-V2 Firmware4.02.r11.nat.onvifc.20170327
XiongmaitechAhb7808R-Ms-V2-
XiongmaitechAhb7808R-Ms Firmware4.02.r11.nat.onvifc.20170328
XiongmaitechAhb7808R-Ms-
XiongmaitechAhb7808T-Ms-V2 Firmware4.02.r11.nat.onvifc.20161205
XiongmaitechAhb7808T-Ms-V2-
XiongmaitechAhb7804R-Lms Firmware4.02.r11.nat.onvifc.20170301
XiongmaitechAhb7804R-Lms-
XiongmaitechHi3518E 50H10L S39 Firmware4.02.r12.nat.onvifs.20170727_all
XiongmaitechHi3518E 50H10L S39-

References

FAQ

What is CVE-2020-22253?

CVE-2020-22253 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 ope...

How severe is CVE-2020-22253?

CVE-2020-22253 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2020-22253?

Check the references section above for vendor advisories and patch information. Affected products include: Xiongmaitech Ahb7008T-Mh-V2 Firmware, Xiongmaitech Ahb7008T-Mh-V2, Xiongmaitech Ahb7804R-Els Firmware, Xiongmaitech Ahb7804R-Els, Xiongmaitech Ahb7804R-Mh-V2 Firmware.