Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-6839

EPSS 0.48% · P65
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-6839

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
危险类型文件的不加限制上传
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Schneider Electric产品代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Schneider Electric MEG6501-0001等都是法国施耐德电气(Schneider Electric)公司的一套基于Web的可视化系统。该系统主要用于基于KNX的家庭和楼宇自动化。 多款Schneider Electric产品中存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。以下产品及版本受到影响:使用1.3.7之前版本固件的Schneider Electric MEG6501-0001;使用1.3.7之前版本固件的MEG6501-0002;使用1.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-U.motion Servers (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, and MEG6260-0415 - U.motion KNX Server Plus, Touch 1) U.motion Servers (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, and MEG6260-0415 - U.motion KNX Server Plus, Touch 1) -

II. Public POCs for CVE-2019-6839

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2019-6839

登录查看更多情报信息。

Same Patch Batch · n/a · 2019-09-17 · 39 CVEs total

CVE-2016-10978WordPress fossura-tag-miner 跨站请求伪造漏洞
CVE-2016-10987WordPress persian-woocommerce-sms插件跨站脚本漏洞
CVE-2016-10986WordPress tweet-wheel插件跨站脚本漏洞
CVE-2016-10985WordPress echosign插件跨站脚本漏洞
CVE-2016-10984WordPress echosign插件跨站脚本漏洞
CVE-2016-10983WordPress ghost 授权问题漏洞
CVE-2016-10982WordPress kento-post-view-counter 跨站请求伪造漏洞
CVE-2016-10981WordPress kento-post-view-counter 跨站脚本漏洞
CVE-2016-10980WordPress kento-post-view-counter 跨站脚本漏洞
CVE-2016-10979WordPress fossura-tag-miner 跨站脚本漏洞
CVE-2016-10988WordPress leenkme插件跨站脚本漏洞
CVE-2016-10977WordPress nelio-ab-testing插件路径遍历漏洞
CVE-2016-10976WordPress safe-editor插件跨站脚本漏洞
CVE-2016-10975WordPress fluid-responsive-slideshow插件跨站脚本漏洞
CVE-2016-10974WordPress fluid-responsive-slideshow插件跨站请求伪造漏洞
CVE-2019-90083S-Smart Software Solutions CODESYS Control online user management 安全漏洞
CVE-2019-15131Code42 Software Code42 for Enterprise 代码问题漏洞
CVE-2019-16239OpenConnect 缓冲区错误漏洞
CVE-2019-16378OpenDMARC 安全漏洞
CVE-2018-20336ASUS Asuswrt-Merlin 缓冲区错误漏洞

Showing top 20 of 39 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: U.motion Servers (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, and MEG6260-0415 - U.motion KNX Server Plus, Touch 1)
Same vendor: n/a
Same weakness: CWE-434

V. Comments for CVE-2019-6839

No comments yet

Leave a comment