This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Meinbergglobal First view 2017-12-15
Product Lantime Firmware Last view 2024-02-04
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:meinbergglobal:lantime_firmware:6.19.001:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.007:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.008:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.009:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.010:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.011:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.012:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.013:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.014:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.015:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.016:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.017:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.018:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.006:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.19.002:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.19.003:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.19.004:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.19.005:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.20.001:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.20.002:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.20.003:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.20.004:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.20.005:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.20.006:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.20.007:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:*:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.17.002:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.001:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.002:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.003:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.004:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.005:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.006:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.007:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.008:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.009:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.010:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.16.011:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.17.001:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.24.003:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.17.003:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.17.004:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.17.005:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.17.006:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.17.007:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.17.008:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.001:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.002:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.003:*:*:*:*:*:*:* 6
cpe:2.3:o:meinbergglobal:lantime_firmware:6.18.004:*:*:*:*:*:*:* 6

Related : CVE

  Date Alert Description
6.5 2024-02-04 CVE-2021-46903

An issue was discovered in LTOS-Web-Interface in Meinberg LANTIME-Firmware before 6.24.029 MBGID-9343 and 7 before 7.04.008 MBGID-6303. An admin can delete required user accounts (in violation of expected access control).
7.2 2024-02-04 CVE-2021-46902

An issue was discovered in LTOS-Web-Interface in Meinberg LANTIME-Firmware before 6.24.029 MBGID-9343 and 7 before 7.04.008 MBGID-6303. Path validation is mishandled, and thus an admin can read or delete files in violation of expected access controls.
0 2023-04-24 CVE-2023-1731

In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.
6.5 2017-12-19 CVE-2017-16786

The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with certain privileges to read arbitrary files via (1) the ntpclientcounterlogfile parameter to cgi-bin/mainv2 or (2) vectors involving curl support of the "file" schema in the firmware update functionality.
7.2 2017-12-15 CVE-2017-16788

Directory traversal vulnerability in the "Upload Groupkey" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and consequently gain root privileges by uploading a file, as demonstrated by storing a file in the cron.d directory.
6.5 2017-12-15 CVE-2017-16787

The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access.

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-200 Information Exposure
33% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...