CVE-2020-12733 - OpenCVE

Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Depstech	Wifi Digital Microscope 3 Firmware Wifi Digital Microscope 3

Configuration 1 [-]

AND

cpe:2.3:o:depstech:wifi_digital_microscope_3_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:depstech:wifi_digital_microscope_3:-:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Depstech%20Microscope%20Smart%20Kid%20Toy.pdf	Exploit Third Party Advisory
https://www.depstech.com/mw001-s02-wifi-usb-digital-microscope	Broken Link Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-07-15T15:04:04

Updated: 2021-07-15T15:04:04

Reserved: 2020-05-08T00:00:00

Link: CVE-2020-12733

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-07-15T16:15:09.317

Modified: 2021-08-10T14:45:19.867

Link: CVE-2020-12733

JSON object: View

Redhat Information

No data.

CWE

CWE-863

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-15T15:04:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.depstech.com/mw001-s02-wifi-usb-digital-microscope"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Depstech%20Microscope%20Smart%20Kid%20Toy.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-12733", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.depstech.com/mw001-s02-wifi-usb-digital-microscope", "refsource": "MISC", "url": "https://www.depstech.com/mw001-s02-wifi-usb-digital-microscope"}, {"name": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Depstech%20Microscope%20Smart%20Kid%20Toy.pdf", "refsource": "MISC", "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Depstech%20Microscope%20Smart%20Kid%20Toy.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-12733", "datePublished": "2021-07-15T15:04:04", "dateReserved": "2020-05-08T00:00:00", "dateUpdated": "2021-07-15T15:04:04", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:depstech:wifi_digital_microscope_3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE887894-0D06-4D94-B23C-E2F4563245A9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:depstech:wifi_digital_microscope_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "7864B275-FCE1-46FE-9B05-D61D6DA4B95F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account."}, {"lang": "es", "value": "Determinados componentes de PENGLIXIN de Shenzhen el Microscopio Digital WiFi 3 de DEPSTECH, como el usado por Shekar Endoscope, permiten una conexi\u00f3n TELNET con la contrase\u00f1a molinkadmin para la cuenta molink"}], "id": "CVE-2020-12733", "lastModified": "2021-08-10T14:45:19.867", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-07-15T16:15:09.317", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Depstech%20Microscope%20Smart%20Kid%20Toy.pdf"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Vendor Advisory"], "url": "https://www.depstech.com/mw001-s02-wifi-usb-digital-microscope"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}