CVE-2020-36921

HIGH

RED-V Super Digital Signage System 5.1.1 - Info Disclosure

Title source: llm

Description

RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication.

References (6)

[Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5609.php

[Various Sources] https://www.red-v.tv/

[Issue Tracking] https://cxsecurity.com/issue/WLB-2020110130

[Exploit, Third Party Advisory] https://packetstormsecurity.com/files/160073

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/191803

[Third Party Advisory] https://www.vulncheck.com/advisories/red-v-super-digital-signage-system-log-information-disclosure-vulnerability

Scores

CVSS v3 7.5

EPSS 0.0025

EPSS Percentile 47.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-548

Status draft

Timeline

Published Jan 06, 2026

Tracked Since Feb 18, 2026