CVE-2020-6803

Summary

An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.

Affected Software

VendorProductVersion RangeStatus
MozillaWebThings Gateway0.3.0 < 0.3.0*affected
MozillaWebThings Gateway0.12.0 < 0.12.0affected

Weaknesses

  • CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

Workarounds

  • Never share your gateway address publicly.
  • Never click on links which take you to your gateway, especially to the login page.

ADP Enrichment

CVE Program Container

Additional References

References