PT-2017-16861 · Satel Iberia · Sennet Optimal Datalogger+2
Publicado
2017-05-19
·
Atualizado
2019-10-09
·
CVE-2017-6048
CVSS v2.0
9.0
Alta
| Vetor | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Satel Iberia SenNet Data Logger and Electricity Meters versions prior to the following:
- SenNet Optimal DataLogger V5.37c-1.43c
- SenNet Solar Datalogger V5.03-1.56a
- SenNet Multitask Meter V5.21a-1.18b
Description
A Command Injection issue was discovered. Successful exploitation could result in an attacker breaking out of the jailed shell and gaining full access to the system.
Recommendations
For SenNet Optimal DataLogger versions prior to V5.37c-1.43c, update to a version that includes the fix for this issue.
For SenNet Solar Datalogger versions prior to V5.03-1.56a, update to a version that includes the fix for this issue.
For SenNet Multitask Meter versions prior to V5.21a-1.18b, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation.
Exploit
Correção
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sennet Multitask Meter
Sennet Optimal Datalogger
Sennet Solar Datalogger