Vulnerabilities > Gira > TKS IP Gateway Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-05-07 CVE-2020-10795 OS Command Injection vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7
Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend.
network
low complexity
gira CWE-78
critical
 9.0
9.0
2020-05-07 CVE-2020-10794 Path Traversal vulnerability in Gira Tks-Ip-Gateway Firmware 4.0.7.7
Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that allows an attacker to download the application database.
network
low complexity
gira CWE-22
5.0
5.0