MidnightBSD

Advisories for ave

CVE-2020-21991 HIGH

AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due to missing control check when directly calling the autologin GET parameter in changeparams.php script. Setting the autologin value to 1 allows an unauthenticated attacker to permanently disable the authentication security control and access the management interface with admin privileges without providing credentials.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
ave ts01_firmware 1.0.65
ave 53ab-wbs_firmware 1.10.62
ave ts05_firmware 1.10.36
ave ts04x-v_firmware 1.10.45a
ave dominaplus *
ave ts05n-v_firmware -
ave ts03x-v_firmware 1.10.45a
CVE-2020-21994 HIGH

AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-522,

Products Affected

Vendor Product Version
ave ts01_firmware 1.0.65
ave 53ab-wbs_firmware 1.10.62
ave ts05_firmware 1.10.36
ave ts04x-v_firmware 1.10.45a
ave dominaplus *
ave ts05n-v_firmware -
ave ts03x-v_firmware 1.10.45a
CVE-2020-21996 MEDIUM

AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can exploit this issue to cause a denial of service scenario.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,

Products Affected

Vendor Product Version
ave ts01_firmware 1.0.65
ave 53ab-wbs_firmware 1.10.62
ave ts05_firmware 1.10.36
ave ts04x-v_firmware 1.10.45a
ave dominaplus *
ave ts05n-v_firmware -
ave ts03x-v_firmware 1.10.45a