CVE-2020-29058 - Cdata 9288 Firmware, Cdata 97042p Firmware and Cdata Fd1216s-r1 Firmware
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. Attackers can discover cleartext web-server credentials via certain /opt/lighttpd/web/cgi/ requests.
Affected software
Cdata 9288 Firmware
Cdata 97042p Firmware
Cdata Fd1216s-r1 Firmware
Cdata Fd1208s-r2 Firmware
Cdata Fd1204s-r2 Firmware
Cdata Fd1204sn Firmware
Cdata Fd1204sn-r2 Firmware
Cdata 92416a Firmware
Cdata Fd1108s Firmware
Cdata Fd1002s Firmware
Cdata Fd1616gs Firmware
Cdata Fd8000 Firmware
Cdata Fd1616sn Firmware
Cdata Fd1104 Firmware
Cdata Fd1104b Firmware
Cdata Fd1104s Firmware
Cdata 72408a Firmware
Cdata 97016 Firmware
Cdata Fd1608gs Firmware
Cdata 97024p Firmware
Cdata Fd1608sn Firmware
Cdata Fd1104sn Firmware
Cdata 9008a Firmware
Cdata 97168p Firmware
Cdata 97084p Firmware
Cdata 9016a Firmware
Cdata 92408a Firmware
Cdata 97028p Firmware