CVE-2020-36915 (CNNVD-202601-1028)

HIGH
中文标题:
Adtec Digital SignEdje Digital Signage Player 安全漏洞
英文标题:
Adtec Digital SignEdje Digital Signage Player v2.08.28 Default Credentials
CVSS分数: 8.7
发布时间: 2026-01-06 15:52:24
漏洞类型: 其他
状态: PUBLISHED
数据质量分数: 0.40
数据版本: v3
漏洞描述
中文描述:

Adtec Digital SignEdje Digital Signage Player是美国Adtec Digital公司的一个数字标牌播放器。 Adtec Digital SignEdje Digital Signage Player v2.08.28版本存在安全漏洞,该漏洞源于存在多个硬编码默认凭据,可能导致获得root级别访问权限并执行系统命令。

英文描述:

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec Digital product versions.

CWE类型:
CWE-1392 CWE-798
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
Adtecdigital SignEdje Digital Signage Player 2.08.28 - - cpe:2.3:a:adtecdigital:signedje_digital_signage_player:2.08.28:*:*:*:*:*:*:*
Adtecdigital mediaHUB HD-Pro High & Standard Definition MPEG2 Encoder 3.07.19 - - cpe:2.3:a:adtecdigital:mediahub_hd-pro_high_&_standard_definition_mpeg2_encoder:3.07.19:*:*:*:*:*:*:*
Adtecdigital afiniti Multi-Carrier Platform 1905_11 - - cpe:2.3:a:adtecdigital:afiniti_multi-carrier_platform:1905_11:*:*:*:*:*:*:*
Adtecdigital EN-31 Dual Channel DSNG Encoder / Modulator 2.01.15 - - cpe:2.3:a:adtecdigital:en-31_dual_channel_dsng_encoder___modulator:2.01.15:*:*:*:*:*:*:*
Adtecdigital EN-210 Multi-CODEC 10-bit Encoder / Modulator 3.00.29 - - cpe:2.3:a:adtecdigital:en-210_multi-codec_10-bit_encoder___modulator:3.00.29:*:*:*:*:*:*:*
Adtecdigital EN-200 1080p AVC Low Latency Encoder / Modulator 3.00.29 - - cpe:2.3:a:adtecdigital:en-200_1080p_avc_low_latency_encoder___modulator:3.00.29:*:*:*:*:*:*:*
Adtecdigital ED-71 10-bit / 1080p Integrated Receiver Decoder 2.02.24 - - cpe:2.3:a:adtecdigital:ed-71_10-bit___1080p_integrated_receiver_decoder:2.02.24:*:*:*:*:*:*:*
Adtecdigital edje-5110 Standard Definition MPEG2 Encoder 1.02.05 - - cpe:2.3:a:adtecdigital:edje-5110_standard_definition_mpeg2_encoder:1.02.05:*:*:*:*:*:*:*
Adtecdigital edje-4111 HD Digital Media Player 2.07.09 - - cpe:2.3:a:adtecdigital:edje-4111_hd_digital_media_player:2.07.09:*:*:*:*:*:*:*
Adtecdigital Soloist HD-Pro Broadcast Decoder 2.07.09 - - cpe:2.3:a:adtecdigital:soloist_hd-pro_broadcast_decoder:2.07.09:*:*:*:*:*:*:*
Adtecdigital adManage Traffic & Media Management Application 2.5.4 - - cpe:2.3:a:adtecdigital:admanage_traffic_&_media_management_application:2.5.4:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
ExploitDB-48954 exploit
cve.org
访问
Adtec Digital Official Homepage product
cve.org
访问
Zero Science Lab Disclosure (ZSL-2020-5603) third-party-advisory
cve.org
访问
Packet Storm Security Exploit Entry exploit
cve.org
访问
IBM X-Force Vulnerability Exchange vdb-entry
cve.org
访问
VulnCheck Advisory: Adtec Digital SignEdje Digital Signage Player v2.08.28 Default Credentials third-party-advisory
cve.org
访问
CVSS评分详情
4.0 (cna)
HIGH
8.7
CVSS向量: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
机密性
HIGH
完整性
NONE
可用性
NONE
后续系统影响 (Subsequent):
机密性
NONE
完整性
NONE
可用性
NONE
3.1 (cna)
HIGH
7.5
CVSS向量: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
机密性
HIGH
完整性
NONE
可用性
NONE
时间信息
发布时间:
2026-01-06 15:52:24
修改时间:
2026-01-06 19:42:42
创建时间:
2026-01-12 02:07:50
更新时间:
2026-01-19 09:29:33
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2020-36915 2026-01-07 02:47:00 2026-01-12 02:07:50
NVD nvd_CVE-2020-36915 2026-01-09 03:00:08 2026-01-12 02:26:32
CNNVD cnnvd_CNNVD-202601-1028 2026-01-11 06:15:07 2026-01-12 02:38:11
版本与语言
当前版本: v3
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v3 CNNVD
2026-01-12 02:38:11
vulnerability_type: 未提取 → 其他; cnnvd_id: 未提取 → CNNVD-202601-1028; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 其他
  • cnnvd_id: 未提取 -> CNNVD-202601-1028
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2026-01-12 02:26:32
data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • data_sources: ['cve'] -> ['cve', 'nvd']