Skip to main content

Cellos

3 CVEs product

Monthly

CVE-2020-17386 MEDIUM This Month

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cellos
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-17385 HIGH This Week

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Cellos
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-17384 HIGH This Week

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cellos
NVD
CVSS 3.1
7.2
EPSS
1.9%
EPSS 1% CVSS 6.5
MEDIUM This Month

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cellos
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Cellos
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cellos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy