CyberSec.Space Logo
Back to CVE Browser

CVE-2020-9474

HIGH
8.8
CVSS Severity Score
EPSS Score0.0460%
EPSS Percentile39.91th
PublishedMay 7, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway.

Affected Platforms (CPE)

💻
Siedle

Sg 150 0 Firmware

< 1.2.4

References & Advisories

🔗 https://research.hisolutions.com/2020/04/open-the-gates-insecurity-of-cloudless-smart-door-systems/
🔗 https://research.hisolutions.com/2020/04/open-the-gates-insecurity-of-cloudless-smart-door-systems/

Related Vulnerabilities

CVE-2009-42957.8

Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 15...

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...

CVE-2020-696110.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...

CVE-2020-696210.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...