CVE-2020-24552
5.5
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
Summary
Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code and execute system commands without privilege.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Atop Technology | 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5901 | 1.18 <= 1.4 | affected |
| Atop Technology | 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5901B | 1.18 <= 1.4 | affected |
| Atop Technology | 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5904D | 1.18 <= 1.4 | affected |
| Atop Technology | 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5908 | 1.18 1.4 | affected |
| Atop Technology | 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5908A | 1.18 1.4 | affected |
| Atop Technology | 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5916 | 1.18 1.4 | affected |
| Atop Technology | 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5916A | 1.18 1.4 | affected |
Weaknesses
- CWE-78: CWE-78 OS Command Injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.