CVE-2020-8976 The ZGR TPS200 NG integrated server on 2.00 firmware and 1.01 hardware allows a remote attacker to perform actions as the victim user.

The server responds to the request by generating an internal stack trace and sending it to the client. The client parses the internal stack trace and determines the possible causes. When it comes to the possibility of a malicious request, the client prompts the user to either accept the request or deny it. If the user denies the request, the client generates a confirmation message for the denial and closes the connection. However, if the user accepts the request, the client generates a new request with the same parameters as the first one, but with a new session ID. The second request is accepted by the server and the client generates another internal stack trace and sends it to the server. The server parses the internal stack trace and determines the possible causes. When it comes to the possibility of a malicious request, the server prompts the user to either accept the request or deny it. If the user denies the request, the server generates a confirmation message for the denial and closes the connection. However, if the user accepts the request, the server generates a new request with the same parameters as the first one, but with a new session ID. The second request is accepted by the client and the server generates another internal stack trace and sends it to the client. The client parses the internal stack trace and determines the possible causes

References https://www.webopedia.com/TERM/F/false_positive.html

http://en.wikipedia.org/wiki/HTTP_response_code

CVE-2018-9482

The server responds to the request by generating an internal stack trace and sending it to the client. The client parses the internal stack trace and determines the possible causes. When it comes to the possibility of a malicious request, the client prompts the user to either accept the request or deny it. If the user denies the request, the client generates a confirmation message for the denial and closes the connection. However, if the user accepts the request, the client generates a new request with different parameters than normally used in previous requests. The second request is accepted by server and client generates another internal stack trace and sends it to server. The server parses and determines that there was no malicious action done on behalf of this new session ID

Timeline

Published on: 10/17/2022 22:15:00 UTC
Last modified on: 10/20/2022 14:50:00 UTC

References

• https://www.incibe-cert.es/en/early-warning/ics-advisories/multiple-vulnerabilities-zgr-tps200-ng
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8976