CVE-2019-15051
Severity CVSS v4.0:
Pending analysis
Type:
CWE-77
Command Injection
Publication date:
10/10/2019
Last modified:
24/08/2020
Description
An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
9.00
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:softing:uagate_si_firmware:*:*:*:*:*:*:*:* | 1.71.00.1225 (including) | |
cpe:2.3:h:softing:uagate_si:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:softing:uagate_mb_firmware:*:*:*:*:*:*:*:* | 1.71.00.1225 (including) | |
cpe:2.3:h:softing:uagate_mb:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:softing:uagate_840d_firmware:*:*:*:*:*:*:*:* | 1.71.00.1225 (including) | |
cpe:2.3:h:softing:uagate_840d:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page