CVE-2020-7561

Name of the Vulnerable Software and Affected Versions Easergy T300 versions 2.7 and older

Description A missing authentication for critical function issue exists, which could cause problems including information exposure, denial of service, and command execution when access to a resource from an attacker is not restricted or incorrectly restricted. This is related to improper access control, allowing a remote attacker to gain unauthorized access to protected information, cause a denial of service, or execute arbitrary commands.

Recommendations For Easergy T300 versions 2.7 and older, consider restricting access to critical functions until a patch or firmware update is available. As a temporary workaround, limit access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.