CVE-2020-13712

Severity CVSS v4.0:

Pending analysis

Type:

CWE-78 OS Command Injections

Publication date:

20/12/2024

Last modified:

20/12/2024

Description

A command injection is possible through the user interface, allowing arbitrary command execution as <br /> the root user. oMG2000 running MGOS 3.15.1 or earlier is affected. <br /> <br /> MG90 running MGOS 4.2.1 or earlier is affected.

Impact

References to Advisories, Solutions, and Tools

https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2020-006---mgos-security-update.ashx