Vulnerability Description
RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://cxsecurity.com/issue/WLB-2020110130
- https://exchange.xforce.ibmcloud.com/vulnerabilities/191803
- https://packetstormsecurity.com/files/160073
- https://www.red-v.tv/
- https://www.vulncheck.com/advisories/red-v-super-digital-signage-system-log-info
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5609.php
FAQ
What is CVE-2020-36921?
CVE-2020-36921 is a vulnerability with a CVSS score of 7.5 (HIGH). RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple en...
How severe is CVE-2020-36921?
CVE-2020-36921 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-36921?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.