PT-2022-8646 · Xiongmai Technology · Ahb7804R-Els+5

Published

2022-04-06

Updated

2022-04-15

CVE-2020-22253

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Xiongmai Technology Co devices versions AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E 50H10L S39

Description The issue allows unauthenticated attackers to make arbitrary Telnet connections with the victim device through port 9530.

Recommendations For devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E 50H10L S39, consider closing port 9530 to prevent unauthenticated access. As a temporary workaround, restrict Telnet connections to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-22253

Affected Products

Ahb7008T-Mh-V2

Ahb7804R-Els

Ahb7804R-Mh-V2

Ahb7808R-Ms

Ahb7808R-Ms-V2

Hi3518E 50H10L S39

PT-2022-8646 · Xiongmai Technology · Ahb7804R-Els+5

CVE-2020-22253

Related Identifiers

Affected Products

References · 6