Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Siedle Subscribe
Filtered by product Sg 150-0 Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9475 1 Siedle 2 Sg 150-0, Sg 150-0 Firmware 2021-07-21 6.9 MEDIUM 7.0 HIGH
The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows local privilege escalation via a race condition in logrotate. By using an exploit chain, an attacker with access to the network can get root access on the gateway.
CVE-2020-9474 1 Siedle 2 Sg 150-0, Sg 150-0 Firmware 2020-05-14 9.0 HIGH 8.8 HIGH
The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway.
CVE-2020-9473 1 Siedle 2 Sg 150-0, Sg 150-0 Firmware 2020-05-14 8.5 HIGH 6.6 MEDIUM
The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 has a passwordless ftp ssh user. By using an exploit chain, an attacker with access to the network can get root access on the gateway.