CVE-2020-8963
https://notcve.org/view.php?id=CVE-2020-8963
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the t3.cgi srmodel or srtime parameter. Los dispositivos TimeTools SC7105 versiones 1.0.007, SC9205 versiones 1.0.007, SC9705 versiones 1.0.007, SR7110 versiones 1.0.007, SR9210 versiones 1.0.007, SR9750 versiones 1.0.007, SR9850 versiones 1.0.007, T100 versiones 1.0.003, T300 versiones 1.0.003 y T550 versiones 1.0.003, permiten a atacantes remotos ejecutar comandos arbitrarios de Sistema Operativo por medio de metacaracteres de shell en los parámetros srmodel o srtime del archivo t3.cgi. • https://sku11army.blogspot.com/2020/02/timetools-sr-sc-series-network-time.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2020-8964
https://notcve.org/view.php?id=CVE-2020-8964
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to bypass authentication by placing t3axs=TiMEtOOlsj7G3xMm52wB in a t3.cgi request, aka a "hardcoded cookie." Los dispositivos TimeTools SC7105 versiones 1.0.007, SC9205 versiones 1.0.007, SC9705 versiones 1.0.007, SR7110 versiones 1.0.007, SR9210 versiones 1.0.007, SR9750 versiones 1.0.007, SR9850 versiones 1.0.007, T100 versiones 1.0.003, T300 versiones 1.0.003 y T550 versiones 1.0.003, permiten a atacantes remotos omitir la autenticación colocando t3axs=TiMEtOOlsj7G3xMm52wB en una petición del archivo t3.cgi, también se conoce como "hardcoded cookie". • https://sku11army.blogspot.com/2020/02/timetools-sr-sc-series-network-time.html • CWE-798: Use of Hard-coded Credentials •