CVE-2020-27692

by Fred · 04/11/2020

The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings (responsible for managing devices remotely). This makes it possible to remotely reboot the device or upload malicious firmware.

Date published : 2020-11-04

https://6point6.co.uk/insights/security-advisory-relish-4g-hub-vh510/

https://6point6.co.uk/wp-content/uploads/2020/10/Relish-4G-VH510-Hub-Full-Disclosure-v1.3.pdf

CVE-2020-27692

Similar

Recent Posts

Categories

CVE-2020-27692

Share this:

Similar

Recent Posts

Categories

Tags