Easergy T300 Firmware 2.7 and Older: Missing Authorization Vulnerability

Easergy T300 Firmware 2.7 and Older: Missing Authorization Vulnerability

CVE-2020-28215 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently.

Learn more about our Web Application Penetration Testing UK.