23 matches found
CVE-2020-23161
CVE-2020-23161 describes a local file inclusion in Pyrescom Termod4 time management devices prior to 10.04k. The issue allows an authenticated remote attacker to traverse the device’s filesystem and read sensitive files by tampering with the file-path parameter in the Maintenance > Logs URL. T...
CVE-2020-23160
CVE-2020-23160 affects Pyrescom Termod4 time management devices prior to firmware 10.04k. The issue permits authenticated remote attackers to execute arbitrary commands as root on the device. A Proof-of-Concept exploit exists for PoC usage, highlighting web server component vulnerabilities that c...
CVE-2020-23160
Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices...