CVE-2020-9021
9.8CRITICALPost Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.py
Publicado: 2/17/2020Actualizado: 11/21/2024
Descripción
Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.py via shell metacharacters in the htmlNtpServer parameter.
Análisis IAImpulsado por IA
Productos Afectados
postoaktrafficawam_bluetooth_field_device_firmware
2011.3
postoaktrafficawam_bluetooth_field_device_firmware
7400v2.02.01.2019
postoaktrafficawam_bluetooth_field_device_firmware
7400v2.08.21.2018
postoaktrafficawam_bluetooth_field_device_firmware
7800sd.2012.12.5
postoaktrafficawam_bluetooth_field_device_firmware
7800sd.2015.1.16
postoaktrafficawam_bluetooth_field_device
-
Referencias
- https://sku11army.blogspot.com/2020/01/post-oak-traffic-systems-awam-bluetooth.htmlExploitThird Party Advisory
- https://sku11army.blogspot.com/2020/01/post-oak-traffic-systems-awam-bluetooth.htmlExploitThird Party Advisory