Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Termod4_firmware
(Pyres)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-26 | CVE-2020-23160 | Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices. | Termod4_firmware | 8.8 | ||
| 2021-01-26 | CVE-2020-23161 | Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance > Logs menu and manipulating the file-path in the URL. | Termod4_firmware | 6.5 | ||
| 2021-01-26 | CVE-2020-23162 | Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials. | Termod4_firmware | 7.5 |