Mersive: >> Solstice Firmware Security Vulnerabilities
In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique
CVSS Score
7.5
EPSS Score
0.007
Published
2020-12-23
Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root.
CVSS Score
8.8
EPSS Score
0.264
Published
2019-11-27