CVE-2018-17903

2018-10-2300:00:00

CWE-294

icscert

www.cve.org

9.3 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

JSON

SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery.

CNA Affected

[
  {
    "product": "SAGA1-L8B",
    "vendor": "GAIN Electronic Co. Ltd",
    "versions": [
      {
        "status": "affected",
        "version": "All firmware versions prior to A0.10"
      }
    ]
  }
]

References

www.securityfocus.com/bid/105729

ics-cert.us-cert.gov/advisories/ICSA-18-296-02