PT-2021-10346 · Emerson · Emerson Smart Wireless Gateway 1420

Published

2021-03-10

Updated

2022-07-12

CVE-2020-19417

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Emerson Smart Wireless Gateway 1420 version 4.6.59

Description: The issue allows non-privileged users, such as the default account maint, to perform administrative tasks by sending specially crafted HTTP requests to the application.

Recommendations: For Emerson Smart Wireless Gateway 1420 version 4.6.59, consider restricting access to administrative tasks for non-privileged users, such as the default account maint, until a patch is available. As a temporary workaround, restrict the ability to send specially crafted HTTP requests to the application.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-19417

Affected Products

Emerson Smart Wireless Gateway 1420

PT-2021-10346 · Emerson · Emerson Smart Wireless Gateway 1420

CVE-2020-19417

Related Identifiers

Affected Products

References · 5