VYPR

SG 150-0 Smart Gateway

by S. Siedle & Soehne

CVEs (3)

  • CVE-2020-9474HigMay 7, 2020
    risk 0.57cvss 8.8epss 0.02

    The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway.

  • CVE-2020-9475HigMay 7, 2020
    risk 0.46cvss 7.0epss 0.00

    The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows local privilege escalation via a race condition in logrotate. By using an exploit chain, an attacker with access to the network can get root access on the gateway.

  • CVE-2020-9473MedApr 6, 2020
    risk 0.43cvss 6.6epss 0.01

    The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 has a passwordless ftp ssh user. By using an exploit chain, an attacker with access to the network can get root access on the gateway.