CVE-2020-13712

CVE-2020-13712: MGOS Command Injection

Vendor Sierra Wireless

Product MGOS

Weakness CWE-78

Published December 20, 2024

Last update December 26, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A command injection is possible through the user interface, allowing arbitrary command execution as the root user. oMG2000 running MGOS 3.15.1 or earlier is affected. MG90 running MGOS 4.2.1 or earlier is affected.

Key dates

02Disclosure timeline

December 20, 2024 CVE published

December 26, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-13712 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/78.html

Related vulnerabilities

Identifiers

CVE CVE-2020-13712

CWE CWE-78

Affected versions

Vendor Sierra Wireless

Product MGOS

Affected all versions before 3.15.1

Vendor Sierra Wireless

Product MGOS

Affected all versions before 4.2.1

CVE-2020-13712: MGOS Command Injection

01Description

02Disclosure timeline

03References

04Related CVE