go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::

Date:
Font-stze:

Atop Technology 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway - Command Injection

TVN ID TVN-202008002
Public Date 2020-09-10
Affected Products 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway series SE5901 , SE5901B, SE5904D, SE5908, SE5908A, SE5916, SE5916A Firmware v1.18~v1.40
Description Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code and execute system commands without privilege.
CVE ID CVE-2020-24552
Solution Update Firmware series to V1.51
Credit Dio Lin (CHT)/ Iok-Jin Sih (CHT)/ Po-Chin, Chan (CHT)
Top