Kyland: >> Kps2204 6 Port Managed Din-Rail Programmable Serial Device Security Vulnerabilities
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an instruction to write a file.
CVSS Score
9.8
EPSS Score
0.025
Published
2020-12-17
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-12-17