CVE-2020-28993

Name of the Vulnerable Software and Affected Versions ATX miniCMTS200a Broadband Gateway versions through 2.0 Pico CMTS versions through 2.0

Description A Directory Traversal issue exists, allowing an unauthenticated attacker to retrieve administrator credentials by sending a malicious POST request. This could potentially lead to unauthorized access.

Recommendations For ATX miniCMTS200a Broadband Gateway versions through 2.0, consider restricting access to administrator credentials until a patch is available. For Pico CMTS versions through 2.0, avoid using the vulnerable functionality until the issue is resolved. As a temporary workaround, consider disabling the ability to send malicious POST requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.