Meinbergglobal: >> Lantime Security Vulnerabilities
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access.
CVSS Score
6.5
EPSS Score
0.092
Published
2017-12-15
Directory traversal vulnerability in the "Upload Groupkey" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and consequently gain root privileges by uploading a file, as demonstrated by storing a file in the cron.d directory.
CVSS Score
7.2
EPSS Score
0.013
Published
2017-12-15