Getvera Vera Edge Firmware vulnerabilities
2 known vulnerabilities affecting getvera/vera_edge_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2019-13598P2CRITICALCVSS 9.8v1.7.44522019-07-14
CVE-2019-13598 [CRITICAL] CWE-78 CVE-2019-13598: LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitra
LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped.
nvd
CVE-2019-15498P3HIGHCVSS 8.8v1.7.44522019-08-23
CVE-2019-15498 [HIGH] CWE-88 CVE-2019-15498: cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to e
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh.
nvd