CVE-2020-28993

HIGH

ATX Minicmts200a Firmware < 2.0 - Path Traversal

Title source: rule

Description

A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. Successful exploitation of this vulnerability would allow an unauthenticated attacker to retrieve administrator credentials by sending a malicious POST request.

Exploits (1)

exploitdb WORKING POC

by Zagros Bingol · pythonwebappshardware

https://www.exploit-db.com/exploits/49124

View Code ZIP pw:eip

References (2)

[Product, Vendor Advisory] https://atx.com/products/commercial-services-gateways/minicmts200a-broadband-gateway/

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/49124

Scores

CVSS v3 7.5

EPSS 0.1323

EPSS Percentile 94.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

atx/minicmts200a_firmware < 2.0

Published Dec 01, 2020

Tracked Since Feb 18, 2026