Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution via the backup functionality of the web frontend. This can be combined with CVE-2020-10794 for remote root access.Referenceshttps://research.hisolutions.com/2020/04/open-the-gates-insecurity-of-cloudless-smart-door-systems/
