Vulnerability Description
Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code and execute system commands without privilege.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atoptechnology | Se5901 Firmware | >= 1.18, <= 1.40 |
| Atoptechnology | Se5901 | - |
| Atoptechnology | Se5901B Firmware | >= 1.18, <= 1.40 |
| Atoptechnology | Se5901B | - |
| Atoptechnology | Se5904D Firmware | >= 1.18, <= 1.40 |
| Atoptechnology | Se5904D | - |
| Atoptechnology | Se5908 Firmware | >= 1.18, <= 1.40 |
| Atoptechnology | Se5908 | - |
| Atoptechnology | Se5908A Firmware | >= 1.18, <= 1.40 |
| Atoptechnology | Se5908A | - |
| Atoptechnology | Se5916 Firmware | >= 1.18, <= 1.40 |
| Atoptechnology | Se5916 | - |
| Atoptechnology | Se5916A Firmware | >= 1.18, <= 1.40 |
| Atoptechnology | Se5916A | - |
Related Weaknesses (CWE)
References
- https://www.twcert.org.tw/tw/cp-132-3956-608f1-1.htmlThird Party Advisory
- https://www.twcert.org.tw/tw/cp-132-3956-608f1-1.htmlThird Party Advisory
FAQ
What is CVE-2020-24552?
CVE-2020-24552 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code ...
How severe is CVE-2020-24552?
CVE-2020-24552 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-24552?
Check the references section above for vendor advisories and patch information. Affected products include: Atoptechnology Se5901 Firmware, Atoptechnology Se5901, Atoptechnology Se5901B Firmware, Atoptechnology Se5901B, Atoptechnology Se5904D Firmware.