Vulnerabilities > Meinbergglobal > Lantime
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-12-15 | CVE-2017-16788 | Path Traversal vulnerability in Meinbergglobal Lantime Firmware Directory traversal vulnerability in the "Upload Groupkey" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and consequently gain root privileges by uploading a file, as demonstrated by storing a file in the cron.d directory. | 9.0 |
2017-12-15 | CVE-2017-16787 | Information Exposure vulnerability in Meinbergglobal Lantime Firmware The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access. | 4.0 |