- Description
- The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
- nvd@nist.gov
- CWE-494
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siedle:sg_150-0_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F33615DE-9E6E-4AB6-9E1E-7FA2DFC4693A",
"versionEndExcluding": "1.2.4"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siedle:sg_150-0:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4E2A8484-6674-4D5B-AA72-EA06DBE3D97B"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]