{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T04:33:49.023","vulnerabilities":[{"cve":{"id":"CVE-2020-24552","sourceIdentifier":"twcert@cert.org.tw","published":"2020-09-10T09:15:12.097","lastModified":"2024-11-21T05:14:58.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code and execute system commands without privilege."},{"lang":"es","value":"Una puerta de enlace industrial 3G/4G de Atop Technology contiene una vulnerabilidad de Inyección de Comando. Debido a una comprobación de entrada insuficiente, la interfaz de administración web del dispositivo permite a atacantes inyectar código específico y ejecutar comandos del sistema sin privilegios"}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:atoptechnology:se5901_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18","versionEndIncluding":"1.40","matchCriteriaId":"C5918207-0E49-459D-8B9D-C0DC044DE48F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:atoptechnology:se5901:-:*:*:*:*:*:*:*","matchCriteriaId":"C79C9A6A-E292-403E-AE7C-8585BF9DF9BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:atoptechnology:se5901b_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18","versionEndIncluding":"1.40","matchCriteriaId":"E196C85A-DD61-4AD3-9B3A-606ECD790272"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:atoptechnology:se5901b:-:*:*:*:*:*:*:*","matchCriteriaId":"F005E3ED-A937-4E22-B7E5-A19D75BFF19E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:atoptechnology:se5904d_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18","versionEndIncluding":"1.40","matchCriteriaId":"04A2905F-6CB6-4034-91D4-31C35B818D6D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:atoptechnology:se5904d:-:*:*:*:*:*:*:*","matchCriteriaId":"993B0A78-9EF4-4CE3-97BE-83A8E5268DB9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:atoptechnology:se5908_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18","versionEndIncluding":"1.40","matchCriteriaId":"FD9F05F1-E912-4886-9FE8-B41D7B2D9329"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:atoptechnology:se5908:-:*:*:*:*:*:*:*","matchCriteriaId":"B0A57F74-32C6-45E0-BFE0-27B3FE96AA80"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:atoptechnology:se5908a_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18","versionEndIncluding":"1.40","matchCriteriaId":"9465E477-471B-4AD5-B997-5A767E87EF93"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:atoptechnology:se5908a:-:*:*:*:*:*:*:*","matchCriteriaId":"3BDA1AE5-5098-4B1F-B4FD-29F9935DF6E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:atoptechnology:se5916_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18","versionEndIncluding":"1.40","matchCriteriaId":"EE19B5D8-FBCD-4EAE-9A6B-B50E2742146C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:atoptechnology:se5916:-:*:*:*:*:*:*:*","matchCriteriaId":"61C8BC8B-F1F8-4A96-85AB-820101AA570A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:atoptechnology:se5916a_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18","versionEndIncluding":"1.40","matchCriteriaId":"4E2EBD60-4323-4AAB-ABBA-DC4BCD717294"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:atoptechnology:se5916a:-:*:*:*:*:*:*:*","matchCriteriaId":"2D66FC6D-D307-4BA0-9807-D16C67203053"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-3956-608f1-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-3956-608f1-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}