CVEs-PoC/2020/CVE-2020-24552.md

### [CVE-2020-24552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24552)
![](https://img.shields.io/static/v1?label=Product&message=3G%2F4G%20LTE%20Cellular%20to%20Ethernet%20and%20Serial%20Secure%20Industrial%20Gateway%20SE5901&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=3G%2F4G%20LTE%20Cellular%20to%20Ethernet%20and%20Serial%20Secure%20Industrial%20Gateway%20SE5901B&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=3G%2F4G%20LTE%20Cellular%20to%20Ethernet%20and%20Serial%20Secure%20Industrial%20Gateway%20SE5904D&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=3G%2F4G%20LTE%20Cellular%20to%20Ethernet%20and%20Serial%20Secure%20Industrial%20Gateway%20SE5908&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=3G%2F4G%20LTE%20Cellular%20to%20Ethernet%20and%20Serial%20Secure%20Industrial%20Gateway%20SE5908A&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=3G%2F4G%20LTE%20Cellular%20to%20Ethernet%20and%20Serial%20Secure%20Industrial%20Gateway%20SE5916&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=3G%2F4G%20LTE%20Cellular%20to%20Ethernet%20and%20Serial%20Secure%20Industrial%20Gateway%20SE5916A&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.18%3C%3D%201.4%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=1.181.4%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20OS%20Command%20Injection&color=brighgreen)

### Description

Atop Technology industrial 3G/4G gateway contains Command Injection vulnerability. Due to insufficient input validation, the device's web management interface allows attackers to inject specific code and execute system commands without privilege.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/404notf0und/CVE-Flow