CVE-2019-6839

CVE-2019-6839

Vendor N/A
Product U.motion Servers (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, and MEG6260-0415 - U.motion KNX Server Plus, Touch 1)
Weakness CWE-434 · Unrestricted file upload
Published September 17, 2019
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file.

Key dates

02Disclosure timeline

September 17, 2019 CVE published
August 4, 2024 Record updated