How severe is CVE-2020-3924?

CVE-2020-3924 has a CVSS v3 score of 6.4 (MEDIUM).

CVE-2020-3924

6.4MEDIUM

DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system.

发布于: 2/27/2020更新于: 11/21/2024

描述

DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system.

AI分析AI驱动

受影响产品

tonnettat-77104g1_firmware

tonnettat-77104g1

tonnettat-70432n_firmware

tonnettat-70432n

tonnettat-71416g1_firmware

tonnettat-71416g1

tonnettat-71832g1_firmware

tonnettat-71832g1

tonnettat-76104g3_firmware

tonnettat-76104g3

tonnettat-76108g3_firmware

tonnettat-76108g3

tonnettat-76116g3_firmware

tonnettat-76116g3

tonnettat-76132g3_firmware

tonnettat-76132g3

参考资料

https://tvn.twcert.org.tw/taiwanvn/TVN-201910004
Third Party Advisory
https://www.chtsecurity.com/news/4ef5eb3a-fdc3-4d78-8dd7-ec7213e2bbcf
Third Party Advisory
https://tvn.twcert.org.tw/taiwanvn/TVN-201910004
Third Party Advisory
https://www.chtsecurity.com/news/4ef5eb3a-fdc3-4d78-8dd7-ec7213e2bbcf
Third Party Advisory