Firmware Upload Vulnerability in ZGR TPS200 NG 2.00 Firmware Version and 1.01 Hardware Version

Firmware Upload Vulnerability in ZGR TPS200 NG 2.00 Firmware Version and 1.01 Hardware Version

CVE-2020-8974 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable.

Learn more about our Web App Pen Testing.