VYPR

GWM

by Martem

CVEs (2)

  • CVE-2018-10603CriJul 31, 2018
    risk 0.64cvss 9.8epss 0.03

    Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process.

  • CVE-2018-10609MedJul 31, 2018
    risk 0.40cvss 6.1epss 0.02

    Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges.