4 matches found
CVE-2019-11527
CVE-2019-11527 involves Softing uaGate SI 1.60.01, where a CGI script is vulnerable to command injection via a maliciously crafted URL parameter. The vulnerability is documented across multiple sources (NVD, Red Hat, CNVD, CVE lists). CVSSv3.1 vectors indicate an attack vector of NETWORK with low...
CVE-2019-15051
CVE-2019-15051 affects Softing uaGate family (SI, MB, 840D) firmware up to version 1.71.00.1225. A CGI script is vulnerable to command injection via a specially crafted form parameter, enabling an attacker with network access and low privileges to execute arbitrary commands with high impact. NVD ...
CVE-2019-11528
CVE-2019-11528 affects Softing uaGate SI 1.60.01. The issue is that a system default path for executables is user-writable, allowing an attacker to modify or add executables in that path. No remediation details are provided in the connected documents. If exploiting details are present, they are n...
CVE-2019-11526
Softing uaGate SI 1.60.01 contains a privilege-elevation issue in its maintenance script that runs via sudo. The maintenance script is vulnerable to file path injection, allowing an attacker to write files with superuser privileges in specific locations. This CVE (CVE-2019-11526) is documented ac...