cvedb.io
CVE-2019-10478
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2019-04-05T19:29:00.217 · Last modified 2026-06-17T02:11:01.053

Summary

An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. An unrestricted file upload vulnerability in the Front Circle Controller glytoolcgi/settingfile_upload.cgi allows attackers to upload supplied data. This can be used to place attacker controlled code on the filesystem that can be executed and can lead to a reverse root shell.

Affected products

glory-global — rbw-100_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when glory-global ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.