1. Home
  2. CVE Database
  3. CVE-2020-8973
CRITICAL · 9.3

CVE-2020-8973

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected ass...

Vulnerability Description

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user on the web that owns the device.

CVSS Score

9.3

CRITICAL

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
ZigorZgr Tps200 Ng Firmware2.00
ZigorZgr Tps200 Ng1.01

Related Weaknesses (CWE)

CWE-284

References

FAQ

What is CVE-2020-8973?

CVE-2020-8973 is a vulnerability with a CVSS score of 9.3 (CRITICAL). ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected ass...

How severe is CVE-2020-8973?

CVE-2020-8973 has been rated CRITICAL with a CVSS base score of 9.3/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2020-8973?

Check the references section above for vendor advisories and patch information. Affected products include: Zigor Zgr Tps200 Ng Firmware, Zigor Zgr Tps200 Ng.