| TVN ID | TVN-202008002 |
|---|---|
| CVE ID | CVE-2020-24552 |
| CVSS | 5.5(Medium) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N |
| Affected Products | 3G/4G LTE Cellular to Ethernet and Serial Secure Industrial Gateway series SE5901 , SE5901B, SE5904D, SE5908, SE5908A, SE5916, SE5916A Firmware v1.18~v1.40 |
| Description | Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code and execute system commands without privilege. |
| Solution | Update Firmware series to V1.51 |
| Credit | Dio Lin (CHT)/ Iok-Jin Sih (CHT)/ Po-Chin, Chan (CHT) |
| Public Date | 2020-09-10 |
:::