Skip to main content

Clr M20 Firmware

1 CVEs product

Monthly

CVE-2018-15137 CRITICAL POC THREAT Act Now

CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Clr M20 Firmware
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
18.2%
EPSS 18% CVSS 9.8
CRITICAL POC THREAT Act Now

CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Clr M20 Firmware
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy