1. Home
  2. CVE Database
  3. CVE-2020-29057
HIGH · 7.5

CVE-2020-29057

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, ...

Vulnerability Description

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. It allows remote attackers to cause a denial of service (reboot) by sending random bytes to the telnet server on port 23, aka a "shawarma" attack.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
Cdatatec72408A Firmware1.2.2
Cdatatec72408A-
Cdatatec9008A Firmware1.2.2
Cdatatec9008A-
Cdatatec9016A Firmware1.2.2
Cdatatec9016A-
Cdatatec92408A Firmware1.2.2
Cdatatec92408A-
Cdatatec92416A Firmware1.2.2
Cdatatec92416A-
Cdatatec9288 Firmware1.2.2
Cdatatec9288-
Cdatatec97016 Firmware1.2.2
Cdatatec97016-
Cdatatec97024P Firmware1.2.2
Cdatatec97024P-
Cdatatec97028P Firmware1.2.2
Cdatatec97028P-
Cdatatec97042P Firmware1.2.2
Cdatatec97042P-

References

FAQ

What is CVE-2020-29057?

CVE-2020-29057 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, ...

How severe is CVE-2020-29057?

CVE-2020-29057 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-29057?

Check the references section above for vendor advisories and patch information. Affected products include: Cdatatec 72408A Firmware, Cdatatec 72408A, Cdatatec 9008A Firmware, Cdatatec 9008A, Cdatatec 9016A Firmware.