1. Home
  2. CVE Database
  3. CVE-2020-29375
HIGH · 8.8

CVE-2020-29375

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged (non-admin) attacke...

Vulnerability Description

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged (non-admin) attacker can use a hardcoded password (4ef9cea10b2362f15ba4558b1d5c081f) to create an admin user.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
VsolcnV1600D Firmware2.03.57
VsolcnV1600D-
VsolcnV1600D4L Firmware1.01.49
VsolcnV1600D4L-
VsolcnV1600D-Mini Firmware1.01.48
VsolcnV1600D-Mini-
VsolcnV1600G1 Firmware1.9.7
VsolcnV1600G1-
VsolcnV1600G2 Firmware1.1.4
VsolcnV1600G2-

Related Weaknesses (CWE)

CWE-798

References

FAQ

What is CVE-2020-29375?

CVE-2020-29375 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged (non-admin) attacke...

How severe is CVE-2020-29375?

CVE-2020-29375 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-29375?

Check the references section above for vendor advisories and patch information. Affected products include: Vsolcn V1600D Firmware, Vsolcn V1600D, Vsolcn V1600D4L Firmware, Vsolcn V1600D4L, Vsolcn V1600D-Mini Firmware.