CVE-2020-8170

Name: CVE-2020-8170
Creator: NVD / NIST
Published: 2020-05-26T16:15:12.773+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.1/10EPSS 1.02%

Last modified Jun 17, 2026

CVE-2020-8170 is a medium-severity vulnerability rated 6.1/10 on the CVSS scale. We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.. EPSS estimates a 1.02% chance of exploitation in the next 30 days.

Description

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.

Metrics

CVSS 3.1

6.1/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Probability

1.02%

59.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Ui	Airos	<= 6.2.0

References

https://community.ui.com/releases/Security-advisory-bulletin-010-010/36a8448a-7dbf-4d30-bb54-398c44591dd4Vendor Advisory
https://community.ui.com/releases/airMAX-M-v6-3-0/c8d5dec9-4030-4d7e-b23f-6a5b35ed3d83Vendor Advisory
https://www.ui.com/download/airmax-mRelease Notes, Third Party Advisory
https://community.ui.com/releases/Security-advisory-bulletin-010-010/36a8448a-7dbf-4d30-bb54-398c44591dd4Vendor Advisory
https://community.ui.com/releases/airMAX-M-v6-3-0/c8d5dec9-4030-4d7e-b23f-6a5b35ed3d83Vendor Advisory
https://www.ui.com/download/airmax-mRelease Notes, Third Party Advisory

Timeline

Published: May 26, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-8170?

How severe is CVE-2020-8170?

CVE-2020-8170 has a CVSS score of 6.1/10 (MEDIUM severity). The EPSS model estimates a 1.02% probability of exploitation in the next 30 days.

How do I fix CVE-2020-8170?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-8170?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST