Vulnerability Details CVE-2020-16205
Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.577
EPSS Ranking 98.1%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 9.0
References
- http://packetstormsecurity.com/files/158888/Geutebruck-testaction.cgi-Remote-Command-Execution.html
- https://us-cert.cisa.gov/ics/advisories/icsa-20-219-03
- http://packetstormsecurity.com/files/158888/Geutebruck-testaction.cgi-Remote-Command-Execution.html
- https://us-cert.cisa.gov/ics/advisories/icsa-20-219-03
Products affected by CVE-2020-16205
-
cpe:2.3:h:geutebrueck:g-cam_ebc-2110:-
-
cpe:2.3:h:geutebrueck:g-cam_ebc-2111:-
-
cpe:2.3:h:geutebrueck:g-cam_efd-2240:-
-
cpe:2.3:h:geutebrueck:g-cam_efd-2241:-
-
cpe:2.3:h:geutebrueck:g-cam_efd-2250:-
-
cpe:2.3:h:geutebrueck:g-cam_ethc-2230:-
-
cpe:2.3:h:geutebrueck:g-cam_ethc-2239:-
-
cpe:2.3:h:geutebrueck:g-cam_ethc-2240:-
-
cpe:2.3:h:geutebrueck:g-cam_ethc-2249:-
-
cpe:2.3:h:geutebrueck:g-cam_ewpc-2270:-
-
cpe:2.3:h:geutebrueck:g-code_eec-2400:-
-
cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_ebc-2110_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_ebc-2111_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_efd-2240_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_efd-2241_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_efd-2250_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2230_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2239_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2240_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_ethc-2249_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-cam_ewpc-2270_firmware:1.12.14.5
-
cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.0.25
-
cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.13.2
-
cpe:2.3:o:geutebrueck:g-code_eec-2400_firmware:1.12.14.5