CVE-2020-13712

Published Dec 20, 2024

Last updated 5 months ago

CVSS high 7.8

Overview

Description
A command injection is possible through the user interface, allowing arbitrary command execution as the root user. oMG2000 running MGOS 3.15.1 or earlier is affected.  MG90 running MGOS 4.2.1 or earlier is affected.
Source
security@sierrawireless.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

security@sierrawireless.com
CWE-78
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-77

Social media

Hype score
Not currently trending

References

Sources include official advisories and independent security research.