Aggregates CVE and security vulnerability intelligence across all ingenico-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk cross-site scripting and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-6059 | A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager 2023. This issue affects some unknown processing of the file /emgui/rest/ums/messages of the component News Feed. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268787. NOTE: The vendor was contacted early about this disclos | [email protected] | 5.1 | 0.10% | 2024-06-17 | 2024-11-21 |
| CVE-2018-17774 | Ingenico Telium 2 POS terminals have an insecure NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.8 | 0.09% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17773 | Ingenico Telium 2 POS terminals have a buffer overflow via SOCKET_TASK in the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.8 | 0.10% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17772 | Ingenico Telium 2 POS terminals allow arbitrary code execution via the TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.8 | 0.11% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17771 | Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.6 | 0.11% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17770 | Ingenico Telium 2 POS terminals have a buffer overflow via the RemotePutFile command of the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.6 | 0.10% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17769 | Ingenico Telium 2 POS terminals have a buffer overflow via the 0x26 command of the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.6 | 0.10% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17768 | Ingenico Telium 2 POS terminals have an insecure TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.8 | 0.09% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17767 | Ingenico Telium 2 POS terminals have hardcoded PPP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.8 | 0.08% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17766 | Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 4.6 | 0.10% | 2020-09-09 | 2024-11-21 |
| CVE-2018-17765 | Ingenico Telium 2 POS terminals have undeclared TRACE protocol commands. This is fixed in Telium 2 SDK v9.32.03 patch N. | [email protected] | 6.8 | 0.09% | 2020-09-09 | 2024-11-21 |