Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-15051 | 1 Softing | 6 Uagate 840d, Uagate 840d Firmware, Uagate Mb and 3 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter. | |||||
CVE-2019-11528 | 1 Softing | 2 Uagate Si, Uagate Si Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is user writable. | |||||
CVE-2019-11527 | 1 Softing | 2 Uagate Si, Uagate Si Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter. | |||||
CVE-2019-11526 | 1 Softing | 2 Uagate Si, Uagate Si Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations. |