Easergy T300 Firmware Vulnerability: Webserver Service Disabling via Crafted Network Packets

Easergy T300 Firmware Vulnerability: Webserver Service Disabling via Crafted Network Packets

CVE-2020-7504 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

A CWE-20: Improper Input Validation vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to disable the webserver service on the device when specially crafted network packets are sent.

Learn more about our Web App Pen Testing.