VYPR
High severity8.8NVD Advisory· Published Nov 4, 2020· Updated Jun 17, 2026

CVE-2020-27692

CVE-2020-27692

Description

The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings (responsible for managing devices remotely). This makes it possible to remotely reboot the device or upload malicious firmware.

Affected products

2
  • Relish (Verve Connect)/VH510description
  • Relish/VH510llm-create
    Range: <1.0.1.6L0516

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.