Ingenico Telium 2 POS terminals allow arbitrary code execution via the TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
References
Link | Resource |
---|---|
https://ingenico.us/smart-terminals/telium2 | Product |
https://youtu.be/gtbS3Gr264w | Exploit Third Party Advisory |
https://youtu.be/oyUD7RDJsJs | Exploit Third Party Advisory |
https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-18/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-09-09 12:15
Updated : 2022-01-01 10:37
NVD link : CVE-2018-17772
Mitre link : CVE-2018-17772
JSON object : View
CWE
Products Affected
ingenico
- telium_2_firmware
- telium_2