CVE-2020-27692

The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings (responsible for managing devices remotely). This makes it possible to remotely reboot the device or upload malicious firmware.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:imomobile:verve_connect_vh510_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:imomobile:verve_connect_vh510:l0am095a:*:*:*:*:*:*:*

Information

Published : 2020-11-04 13:15

Updated : 2020-11-10 09:12


NVD link : CVE-2020-27692

Mitre link : CVE-2020-27692


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

imomobile

  • verve_connect_vh510
  • verve_connect_vh510_firmware