CVE-2020-24552

Summary

Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code and execute system commands without privilege.

Affected Software

VendorProductVersion RangeStatus
Atop Technology3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE59011.18 <= 1.4affected
Atop Technology3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5901B1.18 <= 1.4affected
Atop Technology3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5904D1.18 <= 1.4affected
Atop Technology3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE59081.18 1.4affected
Atop Technology3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5908A1.18 1.4affected
Atop Technology3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE59161.18 1.4affected
Atop Technology3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5916A1.18 1.4affected

Weaknesses

  • CWE-78: CWE-78 OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References