Skip to main content

Rangeeos

4 CVEs product

Monthly

CVE-2020-16282 HIGH This Week

In the default configuration of Rangee GmbH RangeeOS 8.0.4, all components are executed in the context of the privileged root user. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Rangeeos
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2020-16281 HIGH This Week

The Kommbox component in Rangee GmbH RangeeOS 8.0.4 could allow a local authenticated attacker to escape from the restricted environment and execute arbitrary code due to unrestricted context menus. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Rangeeos
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-16280 MEDIUM This Month

Multiple Rangee GmbH RangeeOS 8.0.4 modules store credentials in plaintext including credentials of users for several external facing administrative services, domain joined users, and local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rangeeos
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-16279 CRITICAL Act Now

The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to Remote Code Execution due to untrusted user supplied input being passed to the command line without sanitization. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Rangeeos
NVD
CVSS 3.1
9.8
EPSS
2.3%
EPSS 0% CVSS 8.8
HIGH This Week

In the default configuration of Rangee GmbH RangeeOS 8.0.4, all components are executed in the context of the privileged root user. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Rangeeos
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Kommbox component in Rangee GmbH RangeeOS 8.0.4 could allow a local authenticated attacker to escape from the restricted environment and execute arbitrary code due to unrestricted context menus. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Rangeeos
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Multiple Rangee GmbH RangeeOS 8.0.4 modules store credentials in plaintext including credentials of users for several external facing administrative services, domain joined users, and local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rangeeos
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to Remote Code Execution due to untrusted user supplied input being passed to the command line without sanitization. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Rangeeos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy