Cyber Resilience

CVE-2020-10181

Critical · CISA KEV · Active Exploitation · EUVD Exploited · Public PoC

Published: 11 March 2020
Modified: 07 November 2025
KEV Added: 03 November 2021
Patch: none referenced
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.2055 (95.7th percentile)
Risk Priority: 52 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2020-10181 is a critical-severity CSRF (CWE-352) vulnerability in Sumavision Enhanced Multimedia Router Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 4.3% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).

Deeper analysis

The vulnerability is a cross-site request forgery flaw (CWE-352) in the goform/formEMR30 endpoint of Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27. The component accepts unauthenticated requests that create new users with administrator privileges, as shown by a setString=new_user<*1*>administrator<*1*>123456 parameter.

An unauthenticated remote attacker can exploit the issue over the network without user interaction to add an administrator account and obtain full control of the device configuration and services. The CVSS 3.1 score of 9.8 reflects the absence of required credentials and the complete confidentiality, integrity, and availability impact.

The supplied references consist of public proof-of-concept material, including PacketStorm entries and a GitHub repository with demonstration code, but contain no vendor advisory or patch information.
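Because no vendor patch is referenced, defenders are left with access enforcement and with monitoring of the management interface. The following is an added example (not code from the original page or from the vendor) that scans web-server or reverse-proxy access logs for the request pattern this record describes: a request to goform/formEMR30 whose setString parameter begins with new_user, whether carried in the query string or in a logged POST body. The combined-log layout with an optional trailing quoted request body is an assumed proxy configuration, and all sample log lines are constructed.

```python
"""
Detection helper for the goform/formEMR30 unauthenticated user-creation
pattern described for CVE-2020-10181.

Added example, not from the original page or vendor.  Assumptions:
  - logs are in combined format, optionally followed by the quoted POST
    body (a reverse-proxy logging setting; adjust LOG_RE for your format)
  - the endpoint path ends in /goform/formEMR30
  - all SAMPLE_LOG lines below are constructed for illustration
"""
import re
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/goform/formEMR30"

# Combined log line with an optional trailing "<request body>" field.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \d+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
    r'(?: "(?P<body>[^"]*)")?$'
)


def parse_line(line):
    """Return a dict of log fields, or None if the line does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_user_creation_attempt(event):
    """True when the request targets formEMR30 and carries a setString value
    starting with new_user, in either the query string or the logged body."""
    if event is None:
        return False
    parts = urlsplit(event["target"])
    if not parts.path.endswith(ENDPOINT):
        return False
    params = parse_qs(parts.query)          # percent-decodes %3C*1*%3E -> <*1*>
    if event.get("body"):
        params.update(parse_qs(event["body"]))
    return any(v.startswith("new_user") for v in params.get("setString", []))


def scan(lines):
    """Return one finding per matching line.  A 200 status on such a request
    is the strongest signal that an account was actually created; an
    off-device Referer is consistent with the CSRF delivery described."""
    findings = []
    for line in lines:
        ev = parse_line(line)
        if is_user_creation_attempt(ev):
            findings.append({
                "src": ev["src"],
                "ts": ev["ts"],
                "method": ev["method"],
                "status": ev["status"],
                "referer": ev["referer"],
            })
    return findings


# Constructed sample lines (RFC 5737 documentation addresses).
SAMPLE_LOG = [
    # constructed: POST with the body recorded by the proxy
    '203.0.113.7 - - [11/Mar/2020:10:02:11 +0000] "POST /goform/formEMR30 HTTP/1.1" '
    '200 512 "-" "curl/7.64.0" '
    '"setString=new_user%3C*1*%3Eadministrator%3C*1*%3E123456"',
    # constructed: same parameter delivered in a GET query string from a third-party page
    '198.51.100.9 - - [11/Mar/2020:10:05:43 +0000] "GET /goform/formEMR30'
    '?setString=new_user%3C*1*%3Eadministrator%3C*1*%3E123456 HTTP/1.1" '
    '200 512 "http://203.0.113.80/" "Mozilla/5.0"',
    # constructed: benign management traffic to the same endpoint
    '192.0.2.5 - - [11/Mar/2020:10:06:00 +0000] "POST /goform/formEMR30 HTTP/1.1" '
    '200 128 "http://emr.internal/admin" "Mozilla/5.0" '
    '"setString=ntp_server%3C*1*%3E192.0.2.1"',
    # constructed: unrelated request, no body field
    '192.0.2.5 - - [11/Mar/2020:10:06:02 +0000] "GET /index.html HTTP/1.1" '
    '200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f)
```

Run against the constructed sample, the scan reports the two requests that carry a new_user setString and ignores the benign setString update and the unrelated page fetch. In production the match should be paired with the AC-3 and IA-2 controls listed below: any hit from a source that never completed authentication on the device is a direct indicator of this flaw being exercised.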

Vulnerability details

goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request.

CWE(s): CWE-352
KEV Date Added: 03 November 2021

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: sumavision
Product: enhanced multimedia router firmware
Version: 3.0.4.27

Mitigating Controls (NIST 800-53 r5)

prevent: Directly enforces that the formEMR30 endpoint must deny the unauthenticated setString=new_user request that creates administrator accounts.

prevent: Requires successful identification and authentication before any user-creation or privilege-elevation action is accepted on the device.

prevent: Mandates that account creation (including administrator accounts) be authorized through controlled management processes rather than unauthenticated HTTP parameters.
