CVE-2020-10625

Severity CVSS v4.0:
Pending analysis
Type:
CWE-306 Missing Authentication for Critical Function
Publication date:
09/04/2020
Last modified:
10/04/2020

Description

WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:advantech:webaccess\/nms:*:*:*:*:*:*:*:* 3.0.2 (excluding)


References to Advisories, Solutions, and Tools