CVE-2020-11542
CRITICAL3xLOGIC Infinias eIDC32 2.213 with Web 1.107 - Authentication Bypass via CMD.HTM Endpoint
Title source: llmDescription
3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.criticalstart.com/authentication-bypass-vulnerability-discovered-in-infinias-eidc32-webserver/
Scores
CVSS v3
9.8
EPSS
0.0098
EPSS Percentile
57.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
CWE-319
Status
published
Products (2)
3xlogic/infinias_eidc32_firmware
2.213
3xlogic/infinias_eidc32_web
1.107
Published
Apr 04, 2020
Tracked Since
Feb 18, 2026