Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
meinbergglobal lantime firmware vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-46902
An issue exists in LTOS-Web-Interface in Meinberg LANTIME-Firmware prior to 6.24.029 MBGID-9343 and 7 prior to 7.04.008 MBGID-6303. Path validation is mishandled, and thus an admin can read or delete files in violation of expected access controls.
Meinbergglobal Lantime Firmware
6.5
CVSSv3
CVE-2021-46903
An issue exists in LTOS-Web-Interface in Meinberg LANTIME-Firmware prior to 6.24.029 MBGID-9343 and 7 prior to 7.04.008 MBGID-6303. An admin can delete required user accounts (in violation of expected access control).
Meinbergglobal Lantime Firmware
7.2
CVSSv3
CVE-2023-1731
In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.
Meinbergglobal Lantime Firmware
8.8
CVSSv3
CVE-2020-7240
Meinberg Lantime M300 and M1000 devices allow attackers (with privileges to configure a device) to execute arbitrary OS commands by editing the /config/netconf.cmd script (aka Extended Network Configuration). Note: According to the description, the vulnerability requires a fully ...
Meinbergglobal Lantime M300 Firmware -
Meinbergglobal Lantime M1000 Firmware -
6.5
CVSSv3
CVE-2017-16786
The Web Configuration Utility in Meinberg LANTIME devices with firmware prior to 6.24.004 allows remote authenticated users with certain privileges to read arbitrary files via (1) the ntpclientcounterlogfile parameter to cgi-bin/mainv2 or (2) vectors involving curl support of the...
Meinbergglobal Lantime Firmware
6.5
CVSSv3
CVE-2017-16787
The Web Configuration Utility in Meinberg LANTIME devices with firmware prior to 6.24.004 allows remote malicious users to read arbitrary files by leveraging failure to restrict URL access.
Meinbergglobal Lantime Firmware
1 EDB exploit
7.2
CVSSv3
CVE-2017-16788
Directory traversal vulnerability in the "Upload Groupkey" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware prior to 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and consequently ga...
Meinbergglobal Lantime Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started