CVE-2020-24246

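Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from the Web Admin interface. Because no credentials are required, any device whose Web Admin interface is reachable by untrusted hosts is exposed; upgrade to firmware 8.1.0rc1 or later, and until then restrict access to Web Admin to trusted management networks.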
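Configurations

Each configuration below pairs a firmware CPE with the hardware CPE it runs on. The firmware version field is a wildcard in every entry, so the affected range (before 8.1.0rc1) comes from the description above, not from the CPE strings; compare installed firmware versions against that bound when matching assets. Configurations 10 and 11, and 14 and 15, appear identical in this listing (any distinguishing detail, such as a hardware revision, is not shown).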

Configuration 1 (hide)

AND
cpe:2.3:o:peplink:balance_20x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_20x:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:peplink:balance_310x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_310x:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:peplink:mbx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:mbx:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:peplink:epx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:epx:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:peplink:sdx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:sdx:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:peplink:balance_30_lte_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_30_lte:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:peplink:balance_20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_20:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:peplink:balance_30_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_30:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:peplink:balance_30_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_30_pro:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:peplink:balance_50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_50:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:peplink:balance_50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_50:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:peplink:balance_one_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_one:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:peplink:balance_two_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_two:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:peplink:balance_210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_210:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:peplink:balance_210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_210:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:peplink:balance_310_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_310:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:peplink:balance_305_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_305:hw2:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:peplink:balance_380_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_380:hw6:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:peplink:balance_580_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_580:hw2-3:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:peplink:balance_710_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_710:hw3:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:peplink:balance_1350_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_1350:hw2:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:peplink:balance_2500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:balance_2500:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:peplink:max_br1_mk2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1_mk2:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:peplink:max_br1_classic_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1_classic:hw2-3:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:peplink:max_br1_slim_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1_slim:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:peplink:max_br1_mini_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1_mini:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:peplink:max_br1_m2m_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1_m2m:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:peplink:max_br1_ent_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1_ent:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:peplink:max_br1_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1_pro:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:peplink:max_br1__ip67_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1__ip67:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:peplink:max_br2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br2:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:peplink:max_br1_ip55_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br1_ip55:hw2-4:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:peplink:max_br2_ip55_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_br2_ip55:hw2-3:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:peplink:max_hd2_ip67_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_hd2_ip67:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:peplink:max_hd2_mini_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_hd2_mini:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:peplink:max_hd2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_hd2:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:peplink:max_hd1_dome_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_hd1_dome:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:peplink:max_hd2_dome_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_hd2_dome:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:peplink:max_hd4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_hd4:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:peplink:max_hd4_ip67_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_hd4_ip67:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:peplink:max_transit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_transit:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:peplink:max_transit_duo_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_transit_duo:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:peplink:max_transit_mini_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_transit_mini:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:peplink:max_hotspot_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_hotspot:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND
cpe:2.3:o:peplink:max_on-the-go_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_on-the-go:hw2:*:*:*:*:*:*:*

Configuration 46 (hide)

AND
cpe:2.3:o:peplink:max_700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:max_700:-:*:*:*:*:*:*:*

Configuration 47 (hide)

AND
cpe:2.3:o:peplink:ubr_lte_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:ubr_lte:-:*:*:*:*:*:*:*

Configuration 48 (hide)

AND
cpe:2.3:o:peplink:surf_soho_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:surf_soho:hw2:*:*:*:*:*:*:*

Configuration 49 (hide)

AND
cpe:2.3:o:peplink:surf_soho_mk3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:surf_soho_mk3:-:*:*:*:*:*:*:*

Configuration 50 (hide)

AND
cpe:2.3:o:peplink:mediafast_200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:mediafast_200:-:*:*:*:*:*:*:*

Configuration 51 (hide)

AND
cpe:2.3:o:peplink:mediafast_500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:mediafast_500:-:*:*:*:*:*:*:*

Configuration 52 (hide)

AND
cpe:2.3:o:peplink:mediafast_750_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:mediafast_750:-:*:*:*:*:*:*:*

Configuration 53 (hide)

AND
cpe:2.3:o:peplink:mediafast_hd2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:mediafast_hd2:-:*:*:*:*:*:*:*

Configuration 54 (hide)

AND
cpe:2.3:o:peplink:mediafast_hd4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:mediafast_hd4:-:*:*:*:*:*:*:*

Configuration 55 (hide)

AND
cpe:2.3:o:peplink:speedfusion_sfe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:speedfusion_sfe:-:*:*:*:*:*:*:*

Configuration 56 (hide)

AND
cpe:2.3:o:peplink:speedfusion_sfe_cam_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:speedfusion_sfe_cam:-:*:*:*:*:*:*:*

Configuration 57 (hide)

AND
cpe:2.3:o:peplink:fusionhub_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:peplink:fusionhub:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:14

Type | Values Removed | Values Added
References | () https://blog.bssi.fr/cve-2020-24246-leaking-source-file-using-the-web-admin-interface-of-peplink-balance/ - Exploit, Third Party Advisory | () https://blog.bssi.fr/cve-2020-24246-leaking-source-file-using-the-web-admin-interface-of-peplink-balance/ - Exploit, Third Party Advisory
References | () https://download.peplink.com/resources/firmware-8.1.0rc1-release-notes.pdf - Release Notes, Vendor Advisory | () https://download.peplink.com/resources/firmware-8.1.0rc1-release-notes.pdf - Release Notes, Vendor Advisory

Information

Published : 2020-10-07 16:15

Updated : 2024-11-21 05:14


NVD link : CVE-2020-24246

Mitre link : CVE-2020-24246

CVE.ORG link : CVE-2020-24246



Products Affected

peplink

  • max_br1_mini_firmware
  • balance_50_firmware
  • max_br1_pro_firmware
  • max_br1_ip55_firmware
  • max_hotspot_firmware
  • balance_30_lte
  • max_hd2_ip67_firmware
  • balance_310
  • balance_580_firmware
  • balance_310_firmware
  • max_br2_firmware
  • max_transit_mini
  • balance_310x
  • balance_30
  • max_br1_mk2_firmware
  • max_br1_ent_firmware
  • max_br1_mk2
  • balance_2500_firmware
  • max_transit_firmware
  • max_hd2
  • max_br1__ip67
  • max_br1_ip55
  • max_br1_pro
  • max_hd4_firmware
  • ubr_lte
  • balance_380_firmware
  • fusionhub
  • balance_210
  • balance_580
  • mediafast_500_firmware
  • max_hd2_dome_firmware
  • fusionhub_firmware
  • max_hd1_dome_firmware
  • max_hd1_dome
  • speedfusion_sfe_cam
  • balance_2500
  • mbx_firmware
  • balance_two
  • balance_20
  • balance_30_pro_firmware
  • balance_1350
  • balance_30_lte_firmware
  • sdx
  • max_br2_ip55_firmware
  • max_hotspot
  • balance_380
  • max_700
  • surf_soho_mk3_firmware
  • speedfusion_sfe
  • surf_soho_mk3
  • balance_one_firmware
  • max_br1__ip67_firmware
  • max_hd2_mini
  • max_br1_mini
  • ubr_lte_firmware
  • max_hd4_ip67
  • max_on-the-go
  • epx
  • balance_50
  • max_hd2_dome
  • mediafast_hd4_firmware
  • mediafast_500
  • max_hd4_ip67_firmware
  • max_br2
  • balance_310x_firmware
  • max_br1_slim
  • speedfusion_sfe_firmware
  • balance_30_pro
  • max_br1_classic_firmware
  • mediafast_hd2
  • max_br1_slim_firmware
  • max_hd2_firmware
  • balance_one
  • balance_710_firmware
  • mediafast_hd2_firmware
  • mediafast_750_firmware
  • max_700_firmware
  • mediafast_200
  • mediafast_hd4
  • balance_20x_firmware
  • balance_20x
  • balance_1350_firmware
  • max_br1_classic
  • max_hd2_mini_firmware
  • mbx
  • surf_soho
  • sdx_firmware
  • max_br1_m2m
  • max_hd4
  • max_transit_duo
  • balance_two_firmware
  • balance_30_firmware
  • epx_firmware
  • speedfusion_sfe_cam_firmware
  • balance_305_firmware
  • mediafast_200_firmware
  • max_transit_mini_firmware
  • balance_210_firmware
  • max_hd2_ip67
  • balance_710
  • max_on-the-go_firmware
  • max_br1_ent
  • mediafast_750
  • max_br2_ip55
  • max_br1_m2m_firmware
  • balance_305
  • balance_20_firmware
  • surf_soho_firmware
  • max_transit_duo_firmware
  • max_transit