4 matches found
CVE-2020-16257
Winston 1.5.4 devices are vulnerable to command injection via the API...
CVE-2020-16257
Winston 1.5.4 devices are vulnerable to command injection via the API...
CVE-2020-16257
Winston 1.5.4 devices are vulnerable to command injection via the API...
CVE-2020-16257
The CVE relates to Winston 1.5.4 devices, where the API is vulnerable to command injection. The issue is driven by a vulnerability in the API surface that allows remote command execution, with CVSSv3 scores indicating high impact (Base 9.8) across confidentiality, integrity, and availability. Con...