Vulnerabilities > CVE-2019-15069 - Unspecified vulnerability in Gigastone Smart Battery A4 Firmware R1.7.9

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

gigastone

NVD

Published: 2019-09-25

Updated: 2020-08-24

Summary

An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege.

Vulnerable Configurations

Part	Description	Count
OS	Gigastone Gigastone Smart Battery A4 Firmware - Gigastone Smart Battery A4 Firmware R1.7.9	2
Hardware	Gigastone Gigastone Smart Battery A4 -	1

References

https://tvn.twcert.org.tw/taiwanvn/TVN-201908004
https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US&id=46