MidnightBSD

Advisories for bg-tek

CVE-2021-4105

Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion.This issue affects COSLAT Firewall: from 5.24.0.R.20180630 before 5.24.0.R.20210727.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@usom.gov.tr 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
bg-tek coslat_rm2s200_firmware *
bg-tek coslat_bx5s1d4_firmware *
bg-tek coslat_rm1ds1000_firmware *
bg-tek coslat_rm3s300_firmware *
bg-tek coslat_bx5s1d3_firmware *
bg-tek coslat_rm4s500_firmware *
bg-tek coslat_bx5s1d5_firmware *
bg-tek coslat_rm2ds2000_firmware *
CVE-2024-10035

Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Special Elements used in a Command ('Command Injection'), Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection, Privilege Escalation.This issue affects CoslatV3: through 3.1069. NOTE: The vendor was contacted and it was learned that the product is not supported.

Products Affected

Vendor Product Version
bg-tek coslat *