1. Home
  2. CVE Database
  3. CVE-2020-29378
HIGH · 8.8

CVE-2020-29378

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privile...

Vulnerability Description

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password !j@l#y$z%x6x7q8c9z) for the enable command.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
VsolcnV1600D Firmware2.03.57
VsolcnV1600D-
VsolcnV1600D4L Firmware1.01.49
VsolcnV1600D4L-
VsolcnV1600D-Mini Firmware1.01.48
VsolcnV1600D-Mini-
VsolcnV1600G1 Firmware1.9.7
VsolcnV1600G1-
VsolcnV1600G2 Firmware1.1.4
VsolcnV1600G2-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2020-29378?

CVE-2020-29378 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privile...

How severe is CVE-2020-29378?

CVE-2020-29378 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-29378?

Check the references section above for vendor advisories and patch information. Affected products include: Vsolcn V1600D Firmware, Vsolcn V1600D, Vsolcn V1600D4L Firmware, Vsolcn V1600D4L, Vsolcn V1600D-Mini Firmware.