Meinbergglobal - Lantime Firmware CVE

Filtered by vendor Meinbergglobal Subscribe

Filtered by product Lantime Firmware

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-16788	1 Meinbergglobal	2 Lantime, Lantime Firmware	2018-01-03	9.0 HIGH	7.2 HIGH
Directory traversal vulnerability in the "Upload Groupkey" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and consequently gain root privileges by uploading a file, as demonstrated by storing a file in the cron.d directory.

Vulnerabilities (CVE)