Hitachienergy: >> Tro620 Firmware >> 9.1.0.0 Security Vulnerabilities
Command injection vulnerability in the Edge Computing UI for the
TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the
web UI can execute commands on the device with root privileges,
far more extensive than what the write privilege intends.
CVSS Score
7.2
EPSS Score
0.001
Published
2024-10-29
Profile files from TRO600 series radios are extracted in plain-text
and encrypted file formats. Profile files provide potential attackers
valuable configuration information about the Tropos network. Profiles
can only be exported by authenticated users with higher privilege of write access.
CVSS Score
2.7
EPSS Score
0.001
Published
2024-10-29