Vulnerabilities > Gira > TKS IP Gateway Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-05-07 CVE-2020-10795 OS Command Injection vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7
Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend.
network
low complexity
gira CWE-78
7.2
7.2
2020-05-07 CVE-2020-10794 Path Traversal vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7
Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that allows an attacker to download the application database.
network
low complexity
gira CWE-22
critical
 9.8
9.8