Softing: >> Uagate Si Security Vulnerabilities
An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.
CVSS Score
8.8
EPSS Score
0.092
Published
2019-10-10
An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is user writable.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-10-10
An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter.
CVSS Score
8.8
EPSS Score
0.031
Published
2019-10-10
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-10-10