Softing uaGate SI 1.60.01 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) Vulnerability

Summary

Softing uaGate SI 1.60.01 suffers from improper neutralization of special elements used in an os command (‘OS Command Injection’) vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at: https://security.mioso.com/CVE-2019-11527-en.html


Details

An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.

Vulnerable Systems:

Softing uaGate SI 1.60.01 

CVE Information:

CVE-2019-11527 

Disclosure Timeline:
Published Date:10/10/2019