CVE-2020-6803
5.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | WebThings Gateway | 0.3.0 < 0.3.0* | affected |
| Mozilla | WebThings Gateway | 0.12.0 < 0.12.0 | affected |
Weaknesses
- CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
Workarounds
- Never share your gateway address publicly.
- Never click on links which take you to your gateway, especially to the login page.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.