Unrated severityNVD Advisory· Published Oct 7, 2020· Updated Aug 4, 2024

CVE-2020-24246

Description

Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.

Affected products

Peplink/Balancedescription
Peplink/Balancellm-fuzzy
Range: <8.1.0rc1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.bssi.fr/cve-2020-24246-leaking-source-file-using-the-web-admin-interface-of-peplink-balance/mitrex_refsource_MISC
download.peplink.com/resources/firmware-8.1.0rc1-release-notes.pdfmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000