Vulnerabilities > CVE-2020-16206 - Unspecified vulnerability in Redlion N-Tron 702-W Firmware and N-Tron 702M12-W Firmware

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

redlion

critical

NVD

Published: 2020-09-01

Updated: 2024-11-21

Summary

The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all versions).

Vulnerable Configurations

Part	Description	Count
OS	Redlion Redlion N Tron 702 W Firmware * Redlion N Tron 702M12 W Firmware *	2
Hardware	Redlion Redlion N Tron 702 W - Redlion N Tron 702M12 W -	2

References

http://packetstormsecurity.com/files/159064/Red-Lion-N-Tron-702-W-702M12-W-2.0.26-XSS-CSRF-Shell.html
http://packetstormsecurity.com/files/159064/Red-Lion-N-Tron-702-W-702M12-W-2.0.26-XSS-CSRF-Shell.html
http://seclists.org/fulldisclosure/2020/Sep/6
http://seclists.org/fulldisclosure/2020/Sep/6
https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01
https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01