CVE-2020-9474
HIGHSiedle SG 150-0 Firmware < 1.2.4 - Remote Code Execution via Backup Functionality
Title source: llmDescription
The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://research.hisolutions.com/2020/04/open-the-gates-insecurity-of-cloudless-smart-door-systems/
Scores
CVSS v3
8.8
EPSS
0.0194
EPSS Percentile
77.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-494
Status
published
Products (1)
siedle/sg_150-0_firmware
< 1.2.4
Published
May 07, 2020
Tracked Since
Feb 18, 2026