PT-2020-15: NTPT3 protocol - file reading restrictions bypass

Ingenico
Tellium 2

Severity level

Severity level: Low
Impact: NTPT3 protocol - file reading restrictions bypass
Access Vector: Remote

CVSS v3.1:
Base Score: 2.4
Vector: (AV:P/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)

CVE-2018-17766

Advisory status

01.09.2018 - Vendor gets vulnerability details
01.03.2020 - Vendor releases fixed version and details

Credits

The vulnerability was detected by Dmitry Sklyarov, Alexey Stennikov, Vladimir Kononovich, Georgy Zaytsev, Maxim Kozhevnikov, Positive Research Center (Positive Technologies Company)