CVE-2020-11951

CRITICAL

Rittal CMCIII-PU-9333E0FB < 3.17.10 and PDU-3C002DEC < 5.17.10 - Use of Hard-coded Credentials

Title source: llm

An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. There is a Backdoor root account.

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

CVSS v3 9.8

EPSS 0.0165

EPSS Percentile 73.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-798

Status published

Products (5)

rittal/cmc_iii_pu_7030.000_firmware < 3.15.70_4

rittal/cmciii-pu-9333e0fb_firmware < 3.17.10

rittal/iot_interface_3124.300 < 6.17.00

rittal/lcp-cw_firmware < 3.15.70_4

rittal/pdu-3c002dec_firmware < 5.17.10

Published Jul 14, 2020

Tracked Since Feb 18, 2026