exploitDog

CVE-2020-12837

Опубликовано: 24 сент. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.

Ссылки

https://ismartgate.com/secure-garage-door/
Product
Vendor Advisory
https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf
Exploit
Third Party Advisory
https://ismartgate.com/secure-garage-door/
Product
Vendor Advisory
https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:gogogate:ismartgate_pro_firmware:1.5.9:*:*:*:*:*:*:*

cpe:2.3:h:gogogate:ismartgate_pro:-:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00351

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-wcpp-58jv-4c64

github

больше 3 лет назад

ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.

EPSS

Процентиль: 57%

0.00351

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-434