CWMP Registration Command Injection Vulnerability in Amino Communications AK Series and Aria Series Devices

CWMP Registration Command Injection Vulnerability in Amino Communications AK Series and Aria Series Devices

CVE-2020-10209 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows man-in-the-middle attackers to execute arbitrary commands with root level privileges.

Learn more about our Web Application Penetration Testing UK.