CVE-2020-36921

medium

Description

RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication.

References

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5609.php

https://www.vulncheck.com/advisories/red-v-super-digital-signage-system-log-information-disclosure-vulnerability

https://www.red-v.tv/

https://packetstormsecurity.com/files/160073

https://exchange.xforce.ibmcloud.com/vulnerabilities/191803

https://cxsecurity.com/issue/WLB-2020110130

Details

Source: Mitre, NVD

Published: 2026-01-06

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

CVSS v4

Base Score: 6.9

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Severity: Medium

EPSS

EPSS: 0.00191