PT-2021-14069 · Mitsubishi · GOT2000 Series GT27 +5

Dr. Faruk Kazi +1 · Published 2021-11-23 · Updated 2021-11-29 · CVE-2021-20601

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions:
GOT2000 series GT27 model all versions
GOT2000 series GT25 model all versions
GOT2000 series GT23 model all versions
GOT2000 series GT21 model all versions
GOT SIMPLE series GS21 model all versions
GT SoftGOT2000 all versions

Description: The issue is related to improper input validation, allowing a remote unauthenticated attacker to write a value that exceeds the configured input range limit by sending a malicious packet to rewrite the device value. This can affect system operation, potentially causing malfunctions.

Recommendations:
For GOT2000 series GT27 model, restrict access to the device to prevent rewriting of device values until a fix is available.
For GOT2000 series GT25 model, consider implementing input validation to prevent values from exceeding the configured range.
For GOT2000 series GT23 model, avoid using the device for critical operations until the issue is resolved.
For GOT2000 series GT21 model, limit the device's network exposure to minimize the risk of exploitation.
For GOT SIMPLE series GS21 model, disable any features that allow remote device value rewriting.
For GT SoftGOT2000, apply configuration changes to restrict input values within the configured range.

Fix

RCE

Related Identifiers

CVE-2021-20601

Affected Products

GOT SIMPLE Series GS21
GOT2000 Series GT21
GOT2000 Series GT23
GOT2000 Series GT25
GOT2000 Series GT27
GT SoftGOT2000