CVE-2020-10181

goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sumavision:enhanced_multimedia_router_firmware:3.0.4.27:*:*:*:*:*:*:*
cpe:2.3:h:sumavision:enhanced_multimedia_router:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-03-11 16:15

Updated : 2024-02-28 17:28


NVD link : CVE-2020-10181

Mitre link : CVE-2020-10181

CVE.ORG link : CVE-2020-10181


JSON object : View

Products Affected

sumavision

  • enhanced_multimedia_router
  • enhanced_multimedia_router_firmware
CWE
CWE-352

Cross-Site Request Forgery (CSRF)