← Back

Clr M20 Firmware

clr-m20_firmware

Vendor: Cela Link • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-15137
1Cela Link
1Clr M20 Firmware
Nov 21, 2024
Aug 8, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Because of the WebDAV feature, it is possible to uploa...Show more
CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Because of the WebDAV feature, it is possible to upload arbitrary files by utilizing the PUT method.Show less