CVE-2020-29380
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. TELNET is offered by default but SSH is not always available. An attacker can intercept passwords sent in cleartext and conduct a man-in-the-middle attack on the management of the appliance.
Se detectó un problema en los dispositivos OLT V-SOL V1600D versiones V2.03.69 y V2.03.57, V1600D4L versión V1.01.49, V1600D-MINI versión V1.01.48, V1600G1 versiones V2.0.7 y V1.9.7, y V1600G2 versión V1.1.4. TELNET es ofrecido por defecto, pero SSH no siempre está disponible. Un atacante puede interceptar contraseñas enviadas en texto plano y conducir un ataque de tipo man-in-the-middle en la administración del dispositivo
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-11-29 CVE Reserved
- 2020-11-29 CVE Published
- 2024-08-04 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-319: Cleartext Transmission of Sensitive Information
- CWE-522: Insufficiently Protected Credentials
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://seclists.org/fulldisclosure/2020/Jul/14 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vsolcn Search vendor "Vsolcn" | V1600d Firmware Search vendor "Vsolcn" for product "V1600d Firmware" | 2.03.57 Search vendor "Vsolcn" for product "V1600d Firmware" and version "2.03.57" | - |
Affected
| in | Vsolcn Search vendor "Vsolcn" | V1600d Search vendor "Vsolcn" for product "V1600d" | - | - |
Safe
|
| Vsolcn Search vendor "Vsolcn" | V1600d Firmware Search vendor "Vsolcn" for product "V1600d Firmware" | 2.03.69 Search vendor "Vsolcn" for product "V1600d Firmware" and version "2.03.69" | - |
Affected
| in | Vsolcn Search vendor "Vsolcn" | V1600d Search vendor "Vsolcn" for product "V1600d" | - | - |
Safe
|
| Vsolcn Search vendor "Vsolcn" | V1600d4l Firmware Search vendor "Vsolcn" for product "V1600d4l Firmware" | 1.01.49 Search vendor "Vsolcn" for product "V1600d4l Firmware" and version "1.01.49" | - |
Affected
| in | Vsolcn Search vendor "Vsolcn" | V1600d4l Search vendor "Vsolcn" for product "V1600d4l" | - | - |
Safe
|
| Vsolcn Search vendor "Vsolcn" | V1600d-mini Firmware Search vendor "Vsolcn" for product "V1600d-mini Firmware" | 1.01.48 Search vendor "Vsolcn" for product "V1600d-mini Firmware" and version "1.01.48" | - |
Affected
| in | Vsolcn Search vendor "Vsolcn" | V1600d-mini Search vendor "Vsolcn" for product "V1600d-mini" | - | - |
Safe
|
| Vsolcn Search vendor "Vsolcn" | V1600g1 Firmware Search vendor "Vsolcn" for product "V1600g1 Firmware" | 1.9.7 Search vendor "Vsolcn" for product "V1600g1 Firmware" and version "1.9.7" | - |
Affected
| in | Vsolcn Search vendor "Vsolcn" | V1600g1 Search vendor "Vsolcn" for product "V1600g1" | - | - |
Safe
|
| Vsolcn Search vendor "Vsolcn" | V1600g1 Firmware Search vendor "Vsolcn" for product "V1600g1 Firmware" | 2.0.7 Search vendor "Vsolcn" for product "V1600g1 Firmware" and version "2.0.7" | - |
Affected
| in | Vsolcn Search vendor "Vsolcn" | V1600g1 Search vendor "Vsolcn" for product "V1600g1" | - | - |
Safe
|
| Vsolcn Search vendor "Vsolcn" | V1600g2 Firmware Search vendor "Vsolcn" for product "V1600g2 Firmware" | 1.1.4 Search vendor "Vsolcn" for product "V1600g2 Firmware" and version "1.1.4" | - |
Affected
| in | Vsolcn Search vendor "Vsolcn" | V1600g2 Search vendor "Vsolcn" for product "V1600g2" | - | - |
Safe
|