This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Softing First view 2019-10-10
Product Uagate Si Firmware Last view 2019-10-10
Version 1.60.01 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:softing:uagate_si_firmware

Activity : Overall

Related : CVE

  Date Alert Description
8.8 2019-10-10 CVE-2019-15051

An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter.

7.5 2019-10-10 CVE-2019-11528

An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is user writable.

8.8 2019-10-10 CVE-2019-11527

An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.

9.8 2019-10-10 CVE-2019-11526

An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations.

CWE : Common Weakness Enumeration

%idName
25% (1) CWE-269 Improper Privilege Management
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
25% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
25% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...