📦

consona_subscriber_activation

Vendor: consona

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 225 Total Indexed

Avg. EPSS 4.53% Exploit Prob.

Latest CVE CVE-2010-1906 May 12

Security Vulnerability Index

Page 1 / 23

7.2 CVSS

CVE-2010-1906

RCE

tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manager, Subscriber Activation, and Subscriber Agent relies on a predictable timestamp field to validate input to the \\.\pipe\__RepairService_pipe__company named pipe, which allows remote authenticated users to execute arbitrary code by obtaining the current time from (1) tcpip.sys or (2) an SMB2 service.

EPSS: 4.53%

Severity: HIGH

May 12, 2010

Displaying 1 of 225 Total Entries

1 2 3 4 5 ... 23

Total 23 Sections