CVE-2021-4105
CRITICALBG-TEK COSLAT Firewall 5.24.0.R.20180630-5.24.0.R.20210727 - Remote Code Inclusion via Improper Parameter Handling
Title source: llmDescription
Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.20180630 before 5.24.0.R.20210727.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
http://blog.coslat.com/2021/07/onemli-kritik-guncelleme-2021-07-27.html
Third Party Advisory government-resource
broken-link
https://www.usom.gov.tr/bildirim/tr-23-0108
Government Resource government-resource
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0108
Scores
CVSS v3
9.8
EPSS
0.0086
EPSS Percentile
53.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-755
Status
published
Products (9)
BG-TEK/COSLAT Firewall
5.24.0.r.20180630 - 5.24.0.r.20210727
bg-tek/coslat_bx5s1d3_firmware
5.24.0.r.20180630 - 5.24.0.r.20210727
bg-tek/coslat_bx5s1d4_firmware
5.24.0.r.20180630 - 5.24.0.r.20210727
bg-tek/coslat_bx5s1d5_firmware
5.24.0.r.20180630 - 5.24.0.r.20210727
bg-tek/coslat_rm1ds1000_firmware
5.24.0.r.20180630 - 5.24.0.r.20210727
bg-tek/coslat_rm2ds2000_firmware
5.24.0.r.20180630 - 5.24.0.r.20210727
bg-tek/coslat_rm2s200_firmware
5.24.0.r.20180630 - 5.24.0.r.20210727
bg-tek/coslat_rm3s300_firmware
5.24.0.r.20180630 - 5.24.0.r.20210727
bg-tek/coslat_rm4s500_firmware
5.24.0.r.20180630 - 5.24.0.r.20210727
Published
Feb 24, 2023
Tracked Since
Feb 18, 2026