{
  "schema_version": "1.4.0",
  "id": "GHSA-q738-7qq7-r8ff",
  "modified": "2022-05-24T17:37:35Z",
  "published": "2022-05-24T17:37:35Z",
  "aliases": [
    "CVE-2020-10209"
  ],
  "details": "Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows man-in-the-middle attackers to execute arbitrary commands with root level privileges.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10209"
    },
    {
      "type": "WEB",
      "url": "https://andre-oudhof.medium.com/pwning-my-isps-stbs-c5e78544274d#4dbc"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-77"
    ],
    "severity": "HIGH",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-30T00:15:00Z"
  }
}