How severe is CVE-2020-3150?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2020-3150?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2020-3150 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Small Business RV110W and RV215W Series Routers could allow an unauthenticated, remote attacker to download sensitive information from the device, which could include the device configuration. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing a specific URI on the web-based management interface of the router, but only after any valid user has opened a specific file on the device since the last reboot. A successful exploit would allow the attacker to view sensitive information, which should be restricted.

Related Vulnerabilities

CVE-2019-18827

MEDIUM

CVSS:5.9(Medium)

On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code...

CWE-2852019

CVE-2024-12483

MEDIUM

CVSS:5.9(Medium)

A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This affects an unknown part of the file /users/id of the component User ID Handler. The manipulation leads to au...

CWE-2852024

CVE-2024-21166

MEDIUM

CVSS:5.9(Medium)

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows ...

CWE-2852024

CVE-2025-29778

MEDIUM

CVSS:5.8(Medium)

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with ke...

CWE-2852025

CVE-2022-22268

MEDIUM

CVSS:6.1(Medium)

Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode.

CWE-2852022

CVE-2023-41819

MEDIUM

CVSS:6.1(Medium)

A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.

CWE-2852023