CVE-2020-18330
Severity CVSS v4.0:
Pending analysis
Type:
CWE-22
Path Traversal
Publication date:
26/01/2023
Last modified:
01/04/2025
Description
An issue was discovered in the default configuration of ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01(hardware platform Gpn2.4P21-C_WIFI-V0.05), allows attackers to gain access to the configuration interface.
Impact
Base Score 3.x
9.10
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:chinamobileltd:gpn2.4p21-c-cn_firmware:w2000en-01:*:*:*:*:*:*:* | ||
| cpe:2.3:h:chinamobileltd:gpn2.4p21-c-cn:0.05:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18330.md
- https://medium.com/%40SergiuSechel/insecure-permissions-and-multiple-vulnerabilities-in-chinamobile-plc-wireless-routers-leaves-more-d3eb9ff70d24
- https://github.com/cybertoxin/CVEs/blob/main/CVE_2020_18330.md
- https://medium.com/%40SergiuSechel/insecure-permissions-and-multiple-vulnerabilities-in-chinamobile-plc-wireless-routers-leaves-more-d3eb9ff70d24