exploitDog

CVE-2018-17772

Опубликовано: 09 сент. 2020

Источник: nvd

CVSS3: 6.8

CVSS2: 7.2

EPSS Низкий

Описание

Ingenico Telium 2 POS terminals allow arbitrary code execution via the TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.

Ссылки

https://ingenico.us/smart-terminals/telium2
Product
https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-18/
Third Party Advisory
https://youtu.be/gtbS3Gr264w
Exploit
Third Party Advisory
https://youtu.be/oyUD7RDJsJs
Exploit
Third Party Advisory
https://ingenico.us/smart-terminals/telium2
Product
https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-18/
Third Party Advisory
https://youtu.be/gtbS3Gr264w
Exploit
Third Party Advisory
https://youtu.be/oyUD7RDJsJs
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ingenico:telium_2_firmware:*:*:*:*:*:*:*:*

Версия до 9.32.03 (исключая)

cpe:2.3:h:ingenico:telium_2:-:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.0011

Низкий

6.8 Medium

CVSS3

7.2 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-88xv-4j49-xfpj

github

больше 3 лет назад

Ingenico Telium 2 POS terminals allow arbitrary code execution via the TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.

EPSS

Процентиль: 30%

0.0011

Низкий

6.8 Medium

CVSS3

7.2 High

CVSS2

Дефекты

NVD-CWE-noinfo