Vulnerabilities > CVE-2020-22253 - Unspecified vulnerability in Xiongmaitech products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

xiongmaitech

NVD

Published: 2022-04-06

Updated: 2022-04-15

Summary

Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.

Vulnerable Configurations

Part	Description	Count
OS	Xiongmaitech Xiongmaitech Ahb7008T MH V2 Firmware 4.02.R11.7601.Nat.Onvifc.20170420 Xiongmaitech Ahb7804R ELS Firmware 4.02.R11.Nat.Onvifc.20160422 Xiongmaitech Ahb7804R MH V2 Firmware 4.02.R11.7601.Nat.Onvifc.20170424 Xiongmaitech Ahb7808R MS V2 Firmware 4.02.R11.Nat.Onvifc.20170327 Xiongmaitech Ahb7808R MS Firmware 4.02.R11.Nat.Onvifc.20170328 Xiongmaitech Ahb7808T MS V2 Firmware 4.02.R11.Nat.Onvifc.20161205 Xiongmaitech Ahb7804R LMS Firmware 4.02.R11.Nat.Onvifc.20170301 Xiongmaitech Hi3518E 50H10L S39 Firmware 4.02.R12.Nat.Onvifs.20170727_All	8
Hardware	Xiongmaitech Xiongmaitech Ahb7008T MH V2 - Xiongmaitech Ahb7804R ELS - Xiongmaitech Ahb7804R MH V2 - Xiongmaitech Ahb7808R MS V2 - Xiongmaitech Ahb7808R MS - Xiongmaitech Ahb7808T MS V2 - Xiongmaitech Ahb7804R LMS - Xiongmaitech Hi3518E 50H10L S39 -	8

References

http://www.xiongmaitech.com/en/index.php/news/info/12/68