CVE-2020-27149

Summary

By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed.

Affected Software

VendorProductVersion RangeStatus
n/aNPort IA5000A Series with web console enabledAll versions before 1.5 for NPort IA5150A/IA5250A Series. All version before 2.0 for NPort 5450 Seriesaffected

Weaknesses

  • Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References