CVE-2017-6048

EPSS 15.5%CWE-77

Vexday Risk Score

23Bajo

Decisión SSVC (CISA)

Attend

PoC disponible → seguir de cerca

CVSS —EPSS 15.5%KEV nãoPoC —Nuclei —Metasploit simPatch —

Ciclo de vida

07 abr 2017Exploit Metasploit disponible

19 may 2017Publicada en NVD

Recomendación: Planificar corrección próxima — ya existe PoC pública.

A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity Meters: SenNet Optimal DataLogger V5.37c-1.43c and prior, SenNet Solar Datalogger V5.03-1.56a and prior, and SenNet Multitask Meter V5.21a-1.18b and prior. Successful exploitation of this vulnerability could result in the attacker breaking out of the jailed shell and gaining full access to the system.

Productos afectados

n/a · Satel Iberia SenNet Data Logger and Electricity Meters

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://ics-cert.us-cert.gov/advisories/ICSA-17-131-02