Vulnerabilities > CVE-2020-8973 - Unspecified vulnerability in Zigor ZGR Tps200 NG Firmware 2.00

CVSS 8.1 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

low complexity

zigor

NVD

Published: 2022-10-17

Updated: 2023-11-20

Summary

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters without having to be registered as a user on the web that owns the device.

Vulnerable Configurations

Part	Description	Count
OS	Zigor Zigor ZGR Tps200 NG Firmware 2.00	1
Hardware	Zigor Zigor ZGR Tps200 NG 1.01	1

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-zgr-tps200-ng