CVE-2020-36922

Medium CVSS: 6.9

Sony BRAVIA Digital Signage 1.7.8 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive system details through API endpoints. Attackers can retrieve network interface information, server configurations, and system metadata by sending requests to the exposed system API.

Vendor

Sony

Product

Bravia Signage

CWE

CWE-497

Yayın Tarihi

2026-01-06 16:15:48

Güncelleme

2026-01-22 21:20:37

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-497 Bravia Signage MEDIUM Sony 2026

Referanslar

https://cxsecurity.com/issue/WLB-2020120028 https://exchange.xforce.ibmcloud.com/vulnerabilities/192606 https://packetstorm.news/files/id/160343 https://pro-bravia.sony.net https://pro-bravia.sony.net/resources/software/bravia-signage/ https://pro.sony/ue_US/products/display-software https://www.exploit-db.com/exploits/49187 https://www.vulncheck.com/advisories/sony-bravia-digital-signage-unauthenticated-system-api-information-disclosure https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5610.php

Benzer Kayıtlar

Medium

CVE-2020-36923

Sony BRAVIA Digital Signage 1.7.8 contains an insecure direct object reference vulnerability that allows attackers to by…

Medium

CVE-2020-36924

Sony BRAVIA Digital Signage 1.7.8 contains a remote file inclusion vulnerability that allows attackers to inject arbitra…

Critical

CVE-2020-36885

Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.cgi endpoint that allo…

Medium

CVE-2025-64730

Cross-site scripting vulnerability exists in SNC-CX600W all versions. If this vulnerability is exploited, an arbitrary s…

Low

CVE-2025-62497

Cross-site request forgery vulnerability exists in SNC-CX600W versions prior to Ver.2.8.0. If a user accesses a speciall…

High

CVE-2025-5475

Sony XAV-AX8500 Bluetooth Packet Handling Integer Overflow Remote Code Execution Vulnerability. This vulnerability allow…