← Back

CVE-2020-16205

nvd nist
Published: Aug 14, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.2
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.2 / Impact: 5.9
Source: NVD

Description

Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).

Affected (33)

Geutebrueck
11 products
G Cam Ebc 2110 Firmware
G Cam Ebc 2111 Firmware
G Cam Efd 2240 Firmware
G Cam Efd 2241 Firmware
G Cam Efd 2250 Firmware
G Cam Ethc 2230 Firmware
G Cam Ethc 2239 Firmware
G Cam Ethc 2240 Firmware
G Cam Ethc 2249 Firmware
G Cam Ewpc 2270 Firmware
G Code Eec 2400 Firmware
Configuration A
33 vulnerable · 11 platform
Vulnerable SoftwareAffected Versions
Geutebrueck
G Cam Ebc 2110 Firmware
Version 1.12.0.25
G Cam Ebc 2110 Firmware
Version 1.12.13.2
G Cam Ebc 2110 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Ebc 2111 Firmware
Version 1.12.0.25
G Cam Ebc 2111 Firmware
Version 1.12.13.2
G Cam Ebc 2111 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Efd 2240 Firmware
Version 1.12.0.25
G Cam Efd 2240 Firmware
Version 1.12.13.2
G Cam Efd 2240 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Efd 2241 Firmware
Version 1.12.0.25
G Cam Efd 2241 Firmware
Version 1.12.13.2
G Cam Efd 2241 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Efd 2250 Firmware
Version 1.12.0.25
G Cam Efd 2250 Firmware
Version 1.12.13.2
G Cam Efd 2250 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Ethc 2230 Firmware
Version 1.12.0.25
G Cam Ethc 2230 Firmware
Version 1.12.13.2
G Cam Ethc 2230 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Ethc 2239 Firmware
Version 1.12.0.25
G Cam Ethc 2239 Firmware
Version 1.12.13.2
G Cam Ethc 2239 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Ethc 2240 Firmware
Version 1.12.0.25
G Cam Ethc 2240 Firmware
Version 1.12.13.2
G Cam Ethc 2240 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Ethc 2249 Firmware
Version 1.12.0.25
G Cam Ethc 2249 Firmware
Version 1.12.13.2
G Cam Ethc 2249 Firmware
Version 1.12.14.5
Geutebrueck
G Cam Ewpc 2270 Firmware
Version 1.12.0.25
G Cam Ewpc 2270 Firmware
Version 1.12.13.2
G Cam Ewpc 2270 Firmware
Version 1.12.14.5
Geutebrueck
G Code Eec 2400 Firmware
Version 1.12.0.25
G Code Eec 2400 Firmware
Version 1.12.13.2
G Code Eec 2400 Firmware
Version 1.12.14.5
Running on/withPlatform Versions
Geutebrueck
G Cam Ebc 2110
All versions
Geutebrueck
G Cam Ebc 2111
All versions
Geutebrueck
G Cam Efd 2240
All versions
Geutebrueck
G Cam Efd 2241
All versions
Geutebrueck
G Cam Efd 2250
All versions
Geutebrueck
G Cam Ethc 2230
All versions
Geutebrueck
G Cam Ethc 2239
All versions
Geutebrueck
G Cam Ethc 2240
All versions
Geutebrueck
G Cam Ethc 2249
All versions
Geutebrueck
G Cam Ewpc 2270
All versions
Geutebrueck
G Code Eec 2400
All versions

Related CWEs

CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (4)

Source: ics-cert@hq.dhs.gov
ExploitThird Party Advisory
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.