CVE-2020-29138

Incorrect Access Control in the configuration backup path in SAGEMCOM F@ST3486 NET DOCSIS 3.0, software NET_4.109.0, allows remote unauthenticated users to download the router configuration file via the /backupsettings.conf URI, when any valid session is running.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sagemcom:f\@st_3486_router_firmware:4.109.0:*:*:*:*:*:*:*
cpe:2.3:h:sagemcom:f\@st_3486_router:3.0:*:*:*:*:*:*:*

Information

Published : 2020-11-27 08:15

Updated : 2021-07-21 04:39


NVD link : CVE-2020-29138

Mitre link : CVE-2020-29138


JSON object : View

CWE
CWE-306

Missing Authentication for Critical Function

Advertisement

dedicated server usa

Products Affected

sagemcom

  • f\@st_3486_router
  • f\@st_3486_router_firmware