CVE-2019-15051

Severity CVSS v4.0:
Pending analysis
Type:
CWE-77 Command Injection
Publication date:
10/10/2019
Last modified:
24/08/2020

Description

An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:softing:uagate_si_firmware:*:*:*:*:*:*:*:* 1.71.00.1225 (including)
cpe:2.3:h:softing:uagate_si:-:*:*:*:*:*:*:*
cpe:2.3:o:softing:uagate_mb_firmware:*:*:*:*:*:*:*:* 1.71.00.1225 (including)
cpe:2.3:h:softing:uagate_mb:-:*:*:*:*:*:*:*
cpe:2.3:o:softing:uagate_840d_firmware:*:*:*:*:*:*:*:* 1.71.00.1225 (including)
cpe:2.3:h:softing:uagate_840d:-:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools