GCVE - cpe:2.3:o:timetoolsltd:sc9205_firmware:1.0.007:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:timetoolsltd:sc9205_firmware:1.0.007:*:*:*:*:*:*:*

part: o version: 1.0.007 update: *

Vendor	Timetoolsltd (`12581132-d9b2-5324-ac29-475e807545d9`)
Product	Sc9205 Firmware (`93f87bc9-fc3a-5d4d-bdc4-5c22d1ae5cd4`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-8964`	vulnerable	2026-06-03 14:43:12.237064	Details available TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to bypass authentication by placing t3axs=TiMEtOOlsj7G3xMm52wB in a t3.cgi request, aka a "hardcoded cookie." Published: 2020-02-13T02:56:32.000Z Updated: 2024-08-04T10:19:18.235Z Open on db.gcve.eu Reference links https://sku11army.blogspot.com/2020/02/timetools-sr-sc-series-network-time.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8963`	vulnerable	2026-06-03 14:43:12.230596	Details available TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the t3.cgi srmodel or srtime parameter. Published: 2020-02-13T02:56:47.000Z Updated: 2024-08-04T10:19:18.239Z Open on db.gcve.eu Reference links https://sku11army.blogspot.com/2020/02/timetools-sr-sc-series-network-time.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.