Description
Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code and execute system commands without privilege.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
Low
Availability
None
Affected products
- Atop Technology / 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE59011.18 – 1.4
- Atop Technology / 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5901B1.18 – 1.4
- Atop Technology / 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5904D1.18 – 1.4
- Atop Technology / 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE59081.18 1.4 – 1.18 1.4
- Atop Technology / 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5908A1.18 1.4 – 1.18 1.4
- Atop Technology / 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE59161.18 1.4 – 1.18 1.4
- Atop Technology / 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway SE5916A1.18 1.4 – 1.18 1.4