Gw1101 1D Rs 485 Tb P
Monthly
Command injection in 3onedata GW1101-1D(RS-485)-TB-P Modbus gateway allows authenticated high-privilege users on adjacent networks to execute arbitrary shell commands as root via malicious input in the IP address field of diagnostic test tools. Exploitation requires administrative credentials and adjacent network access (CVSS 4.0: 9.3 AV:A/AC:L/PR:H). SSVC assessment indicates no active exploitation, non-automatable attack, with total technical impact. Fixed in firmware version 3.0.59B2024080600R4353.
Command injection in 3onedata GW1101-1D(RS-485)-TB-P Modbus gateway allows authenticated high-privilege users on adjacent networks to execute arbitrary shell commands as root via malicious input in the IP address field of diagnostic test tools. Exploitation requires administrative credentials and adjacent network access (CVSS 4.0: 9.3 AV:A/AC:L/PR:H). SSVC assessment indicates no active exploitation, non-automatable attack, with total technical impact. Fixed in firmware version 3.0.59B2024080600R4353.