CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-9474

HIGH
8.8
CVSS Severity Score
EPSS Score0.0460%
EPSS Percentile39.91th
Published2020年5月7日
Last Modified2024年11月21日

Vulnerability Description

The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway.

Affected Platforms (CPE)

💻
Siedle

Sg 150 0 Firmware

< 1.2.4

References & Advisories

🔗 https://research.hisolutions.com/2020/04/open-the-gates-insecurity-of-cloudless-smart-door-systems/
🔗 https://research.hisolutions.com/2020/04/open-the-gates-insecurity-of-cloudless-smart-door-systems/

関連する脆弱性情報

CVE-2009-42957.8

Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 15...

CVE-2020-079610.0

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles cer...

CVE-2020-195310.0

Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes i...

CVE-2020-1184410.0

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Ma...