Remote Code Execution Vulnerability in Askey Fiber Router RTF3505VW-N1
CVE-2020-28695

8.8HIGH

Key Information:

Vendor: Askey
Status: Rtf3505vw-n1 Br Sv G000 R3505vwn1001 S32 7 Firmware
Vendor: CVE Published:; 26 March 2021

What is CVE-2020-28695?

The Askey Fiber Router RTF3505VW-N1 is susceptible to a vulnerability that permits remote code execution. By exploiting this flaw, attackers can gain unauthorized access to admin credentials, allowing them to log into the router's dashboard or gain SSH access. This facilitates code execution with root privileges, posing significant security risks to the affected systems.

References

https://cr1pt0.medium.com/cve-2020-28695-8f8d618ac0b

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2021
Vulnerability Reserved
Nov 16, 2020