| Titel | Alien Technology ALR-F800 19.10.24.00 and lower OS Command Injection |
|---|
| Beschreibung | ALR-F800 is a high-performance RFID reader and features Gatescape web interface.
A vulnerability exists in /var/www/cgi-bin/upgrade.cgi. An attacker can execute system commands by crafting a malicious filename. |
|---|
| Quelle | ⚠️ https://github.com/Push3AX/vul/blob/main/Alien%20Technology%20/ALR-F800.md |
|---|
| Benutzer | PushEAX (UID 54708) |
|---|
| Einreichung | 30.07.2024 03:03 (vor 2 Jahren) |
|---|
| Moderieren | 07.08.2024 08:38 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 273859 [Alien Technology ALR-F800 bis 19.10.24.00 File Name upgrade.cgi popen uploadedFile erweiterte Rechte] |
|---|
| Punkte | 16 |
|---|