Vulnerabilities (CVE)

Filtered by vendor Timetoolsltd Subscribe
Filtered by product Sc9205
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8964 1 Timetoolsltd 20 Sc7105, Sc7105 Firmware, Sc9205 and 17 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to bypass authentication by placing t3axs=TiMEtOOlsj7G3xMm52wB in a t3.cgi request, aka a "hardcoded cookie."
CVE-2020-8963 1 Timetoolsltd 20 Sc7105, Sc7105 Firmware, Sc9205 and 17 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the t3.cgi srmodel or srtime parameter.