On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskj_script_run.sh that executes a reverse shell.
References
Link | Resource |
---|---|
https://gitlab.com/crypt0crc/cve-2019-16398 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2019-09-19 08:15
Updated : 2021-07-21 04:39
NVD link : CVE-2019-16398
Mitre link : CVE-2019-16398
JSON object : View
CWE
CWE-345
Insufficient Verification of Data Authenticity
Products Affected
keeper
- k5_firmware
- k5