{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2020-36899","assignerOrgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","state":"PUBLISHED","assignerShortName":"VulnCheck","dateReserved":"2025-12-09T11:46:53.452Z","datePublished":"2025-12-10T21:03:57.079Z","dateUpdated":"2025-12-11T18:52:47.707Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"QiHang Media Web Digital Signage","vendor":"Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd.","versions":[{"status":"affected","version":"3.0.9.0"}]}],"credits":[{"lang":"en","type":"finder","value":"LiquidWorm as Gjoko Krstic of Zero Science Lab"}],"datePublic":"2020-08-12T00:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive files through unverified 'filename' and 'path' parameters. Attackers can exploit the QH.aspx endpoint to read arbitrary files and directory contents without authentication by manipulating download and getAll actions.</p>"}],"value":"QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive files through unverified 'filename' and 'path' parameters. Attackers can exploit the QH.aspx endpoint to read arbitrary files and directory contents without authentication by manipulating download and getAll actions."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":8.7,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-530","description":"CWE-530: Exposure of Backup File to an Unauthorized Control Sphere","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","shortName":"VulnCheck","dateUpdated":"2025-12-10T21:03:57.079Z"},"references":[{"name":"ExploitDB-48750","tags":["exploit"],"url":"https://www.exploit-db.com/exploits/48750"},{"name":"Official Product Homepage","tags":["product"],"url":"http://www.howfor.com"},{"name":"Vendor Security Advisory for ZSL-2020-5581","tags":["vendor-advisory","vdb-entry"],"url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5581.php"},{"name":"VulnCheck Advisory: QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Disclosure","tags":["third-party-advisory"],"url":"https://www.vulncheck.com/advisories/qihang-media-web-digital-signage-unauthenticated-arbitrary-file-disclosure"}],"source":{"discovery":"UNKNOWN"},"title":"QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Disclosure","x_generator":{"engine":"vulncheck"}},"adp":[{"references":[{"url":"https://www.exploit-db.com/exploits/48750","tags":["exploit"]},{"url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5581.php","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-12-11T15:53:05.923944Z","id":"CVE-2020-36899","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-12-11T18:52:47.707Z"}}]}}