CVE-2020-29057 - Cdata 9288 Firmware, Cdata 97042p Firmware and Cdata Fd1216s-r1 Firmware

November 25, 2020

Critical 7.5

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. It allows remote attackers to cause a denial of service (reboot) by sending random bytes to the telnet server on port 23, aka a "shawarma" attack.

Affected software

Cdata 9288 Firmware

Cdata 97042p Firmware

Cdata Fd1216s-r1 Firmware

Cdata Fd1208s-r2 Firmware

Cdata Fd1204s-r2 Firmware

Cdata Fd1204sn Firmware

Cdata Fd1204sn-r2 Firmware

Cdata 92416a Firmware

Cdata Fd1108s Firmware

Cdata Fd1002s Firmware

Cdata Fd1616gs Firmware

Cdata Fd8000 Firmware

Cdata Fd1616sn Firmware

Cdata Fd1104 Firmware

Cdata Fd1104b Firmware

Cdata Fd1104s Firmware

Cdata 72408a Firmware

Cdata 97016 Firmware

Cdata Fd1608gs Firmware

Cdata 97024p Firmware

Cdata Fd1608sn Firmware

Cdata Fd1104sn Firmware

Cdata 9008a Firmware

Cdata 97168p Firmware

Cdata 97084p Firmware

Cdata 9016a Firmware

Cdata 92408a Firmware

Cdata 97028p Firmware

Reference links

https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html

CVE-2020-29057 - Cdata 9288 Firmware, Cdata 97042p Firmware and Cdata Fd1216s-r1 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software