Softing uaGate SI 1.60.01 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) Vulnerability


Softing uaGate SI 1.60.01 suffers from improper neutralization of special elements used in an os command (‘OS Command Injection’) vulnerability


The information has been provided by Vendor

The original article can be found at:


An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.

Vulnerable Systems:

Softing uaGate SI 1.60.01 

CVE Information:


Disclosure Timeline:
Published Date:10/10/2019