Lucene search

[email protected]CVE-2020-21933

HistoryJul 21, 2021 - 3:15 p.m.

CVE-2020-21933

2021-07-2115:15:12

CWE-532

[email protected]

web.nvd.nist.gov

motorola

cx2 router

cve-2020-21933

security issue

password exposure

private key exposure

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.8%

JSON

An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.

Affected configurations

NVD

Node

motorolacx2_firmwareMatch1.0.2

AND

motorolacx2Match-

CPENameOperatorVersion
motorola:cx2_firmwaremotorola cx2 firmwareeq1.0.2

CPE	Name	Operator	Version
motorola:cx2_firmware	motorola cx2 firmware	eq	1.0.2

References

github.com/cc-crack/router/blob/master/motocx2.md

l0n0l.xyz/post/motocx2/

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.8%

JSON

Related for CVE-2020-21933

prion1 nvd1 cvelist1