本ページは cellopoint cellos に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2020-17386 | Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system. | [email protected] | 6.5 | 0.24% | 2020-08-25 | 2025-05-08 |
| CVE-2020-17385 | Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. | [email protected] | 7.5 | 0.42% | 2020-08-25 | 2025-05-08 |
| CVE-2020-17384 | Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulate the system. | [email protected] | 7.2 | 0.46% | 2020-08-25 | 2025-05-08 |