1. Home
  2. CVE Database
  3. CVE-2020-8170
MEDIUM · 6.1

CVE-2020-8170

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the ...

Vulnerability Description

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
UiAiros<= 6.2.0
UiAg-Hp-2G16-
UiAg-Hp-2G20-
UiAg-Hp-5G23-
UiAg-Hp-5G27-
UiAirgrid M-
UiAirgrid M2-
UiAirgrid M5-
UiAr-
UiAr-Hp-
UiBm2-Ti-
UiBm2Hp-
UiBm5-Ti-
UiBm5Hp-
UiIs-M5-
UiLbem5-23-
UiLitestation M5-
UiLocom2-
UiLocom5-
UiLocom9-

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2020-8170?

CVE-2020-8170 is a vulnerability with a CVSS score of 6.1 (MEDIUM). We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the ...

How severe is CVE-2020-8170?

CVE-2020-8170 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-8170?

Check the references section above for vendor advisories and patch information. Affected products include: Ui Airos, Ui Ag-Hp-2G16, Ui Ag-Hp-2G20, Ui Ag-Hp-5G23, Ui Ag-Hp-5G27.