Vulnerability Details CVE-2018-17766
Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.9%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References
- https://ingenico.us/smart-terminals/telium2
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-15/
- https://youtu.be/gtbS3Gr264w
- https://youtu.be/oyUD7RDJsJs
- https://ingenico.us/smart-terminals/telium2
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-15/
- https://youtu.be/gtbS3Gr264w
- https://youtu.be/oyUD7RDJsJs
Products affected by CVE-2018-17766
-
cpe:2.3:h:ingenico:telium_2:-
-
cpe:2.3:o:ingenico:telium_2_firmware:*