{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2020-36921", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-01-03T14:10:13.302Z", "datePublished": "2026-01-06T15:52:26.684Z", "dateUpdated": "2026-01-06T18:36:14.313Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-01-06T15:52:26.684Z"}, "datePublic": "2020-11-15T00:00:00.000Z", "title": "RED-V Super Digital Signage System 5.1.1 Log Information Disclosure Vulnerability", "descriptions": [{"lang": "en", "value": "RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Exposure of Information Through Directory Listing", "cweId": "CWE-548", "type": "CWE"}]}], "affected": [{"vendor": "RED", "product": "RED-V Super Digital Signage System RXV-A740R", "versions": [{"version": "5.1.1", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5609.php", "name": "Zero Science Lab Disclosure (ZSL-2020-5609)", "tags": ["third-party-advisory"]}, {"url": "https://packetstormsecurity.com/files/160073", "name": "Packet Storm Security Exploit Entry", "tags": ["exploit"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/191803", "name": "IBM X-Force Vulnerability Exchange", "tags": ["vdb-entry"]}, {"url": "https://cxsecurity.com/issue/WLB-2020110130", "name": "CXSecurity Vulnerability Database", "tags": ["third-party-advisory"]}, {"url": "https://www.red-v.tv/", "name": "RED-V Vendor Homepage", "tags": ["product"]}, {"name": "VulnCheck Advisory: RED-V Super Digital Signage System 5.1.1 Log Information Disclosure Vulnerability", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/red-v-super-digital-signage-system-log-information-disclosure-vulnerability"}], "credits": [{"lang": "en", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-06T18:35:37.083688Z", "id": "CVE-2020-36921", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-06T18:36:14.313Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2020-36921", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-01-03T14:10:13.302Z", "datePublished": "2026-01-06T15:52:26.684Z", "dateUpdated": "2026-01-06T18:36:14.313Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-01-06T15:52:26.684Z"}, "datePublic": "2020-11-15T00:00:00.000Z", "title": "RED-V Super Digital Signage System 5.1.1 Log Information Disclosure Vulnerability", "descriptions": [{"lang": "en", "value": "RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Exposure of Information Through Directory Listing", "cweId": "CWE-548", "type": "CWE"}]}], "affected": [{"vendor": "RED", "product": "RED-V Super Digital Signage System RXV-A740R", "versions": [{"version": "5.1.1", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5609.php", "name": "Zero Science Lab Disclosure (ZSL-2020-5609)", "tags": ["third-party-advisory"]}, {"url": "https://packetstormsecurity.com/files/160073", "name": "Packet Storm Security Exploit Entry", "tags": ["exploit"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/191803", "name": "IBM X-Force Vulnerability Exchange", "tags": ["vdb-entry"]}, {"url": "https://cxsecurity.com/issue/WLB-2020110130", "name": "CXSecurity Vulnerability Database", "tags": ["third-party-advisory"]}, {"url": "https://www.red-v.tv/", "name": "RED-V Vendor Homepage", "tags": ["product"]}, {"name": "VulnCheck Advisory: RED-V Super Digital Signage System 5.1.1 Log Information Disclosure Vulnerability", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/red-v-super-digital-signage-system-log-information-disclosure-vulnerability"}], "credits": [{"lang": "en", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-36921", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-06T18:35:37.083688Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-06T18:36:05.184Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "RED-V Super Digital Signage System 5.1.1 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive webserver log files. Attackers can visit multiple endpoints to retrieve system resources and debug log information without authentication."}], "id": "CVE-2020-36921", "lastModified": "2026-01-08T18:09:23.230", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-01-06T16:15:48.427", "references": [{"source": "disclosure@vulncheck.com", "url": "https://cxsecurity.com/issue/WLB-2020110130"}, {"source": "disclosure@vulncheck.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/191803"}, {"source": "disclosure@vulncheck.com", "url": "https://packetstormsecurity.com/files/160073"}, {"source": "disclosure@vulncheck.com", "url": "https://www.red-v.tv/"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/red-v-super-digital-signage-system-log-information-disclosure-vulnerability"}, {"source": "disclosure@vulncheck.com", "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5609.php"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-548"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}