How severe is CVE-2020-11915?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2020-11915?

This is classified as CWE-1188, which is a common weakness in software security.

CVE-2020-11915 - MEDIUM Severity | CVSS 6.8

Vulnerability Description

An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params.cgi?telnetd=1&save=1&reboot=1 request to the webserver, it is possible to enable the telnet interface on the device. The telnet interface can then be used to obtain access to the device with root privileges via a reecam4debug default password. This default telnet password is the same across all Siime Eye devices. In order for the attack to be exploited, an attacker must be physically close in order to connect to the device's Wi-Fi access point.

Related Vulnerabilities

CVE-2020-8705

MEDIUM

CVSS:6.8(Medium)

Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions ...

CWE-11882020

CVE-2025-2442

MEDIUM

CVSS:6.8(Medium)

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could potentially lead to unauthorized access which could result in the loss of confidentially, integrity and ...

CWE-11882025

CVE-2025-46599

MEDIUM

CVSS:6.8(Medium)

CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default beha...

CWE-11882025

CVE-2021-0114

MEDIUM

CVSS:6.7(Medium)

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

CWE-11882021

CVE-2021-0144

MEDIUM

CVSS:6.7(Medium)

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.

CWE-11882021

CVE-2023-48733

MEDIUM

CVSS:6.7(Medium)

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.

CWE-11882023