Vulnerabilities (CVE)

Filtered by vendor Midasolutions Subscribe

Filtered by product Eframework

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-15921	1 Midasolutions	1 Eframework	2022-04-28	7.5 HIGH	9.8 CRITICAL
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
CVE-2020-15922	1 Midasolutions	1 Eframework	2022-01-01	10.0 HIGH	9.8 CRITICAL
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required.
CVE-2020-15920	1 Midasolutions	1 Eframework	2020-09-16	10.0 HIGH	9.8 CRITICAL
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.