- Description
- A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. Successful exploitation of this vulnerability would allow an unauthenticated attacker to retrieve administrator credentials by sending a malicious POST request.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-22
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:atx:minicmts200a_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CB12F03-47C8-400D-B2F0-A39D853C1FD4",
"versionEndIncluding": "2.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:atx:minicmts200a:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B1F97F51-8C9F-4695-B391-FEB9B773BDAE"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]