PT-2021-11104 · Ucopia · Ucopia Wi-Fi Appliances

Published

2021-02-02

Updated

2021-02-04

CVE-2020-25037

CVSS v3.1

8.2

High

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: UCOPIA Wi-Fi appliances version 6.0.5

Description: The issue allows for arbitrary code execution with admin user privileges through an escape from a restricted command.

Recommendations: For UCOPIA Wi-Fi appliances version 6.0.5, update to a version that fixes the arbitrary code execution issue to prevent exploitation.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2020-25037

Affected Products

Ucopia Wi-Fi Appliances

PT-2021-11104 · Ucopia · Ucopia Wi-Fi Appliances

CVE-2020-25037

Weakness Enumeration

Related Identifiers

Affected Products

References · 4