Search
Total
2443 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15428 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_crons.php. When parsing the line parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9714. | |||||
| CVE-2020-15426 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_migration_cpanel.php. When parsing the serverip parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9709. | |||||
| CVE-2020-15432 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_migration_cpanel.php. When parsing the filespace parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9743. | |||||
| CVE-2020-15433 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_php_pecl.php. When parsing the phpversion parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9715. | |||||
| CVE-2020-15611 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_dashboard.php. When parsing the service_restart parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9734. | |||||
| CVE-2020-15613 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_admin_apis.php. When parsing the line parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9739. | |||||
| CVE-2020-15614 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_php_pecl.php. When parsing the cha parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9718. | |||||
| CVE-2020-15615 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_ftp_manager.php. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9746. | |||||
| CVE-2020-15434 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_php_pecl.php. When parsing the canal parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9745. | |||||
| CVE-2020-15609 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-28 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_dashboard.php. When parsing the service_stop parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9726. | |||||
| CVE-2020-15631 | 1 Dlink | 2 Dap-1860, Dap-1860 Firmware | 2020-07-28 | 5.8 MEDIUM | 8.0 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03_HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction header, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-10084. | |||||
| CVE-2020-15123 | 1 Codecov | 1 Codecov | 2020-07-27 | 6.8 MEDIUM | 9.3 CRITICAL |
| In codecov (npm package) before version 3.7.1 the upload method has a command injection vulnerability. Clients of the codecov-node library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. A similar CVE (CVE-2020-7597 for GHSA-5q88-cjfq-g2mh) was issued but the fix was incomplete. It only blocked &, and command injection is still possible using backticks instead to bypass the sanitizer. The attack surface is low in this case. Particularly in the standard use of codecov, where the module is used directly in a build pipeline, not built against as a library in another application that may supply malicious input and perform command injection. | |||||
| CVE-2020-15916 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2020-07-27 | 10.0 HIGH | 9.8 CRITICAL |
| goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. | |||||
| CVE-2020-15893 | 1 D-link | 2 Dir-816l, Dir-816l Firmware | 2020-07-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. | |||||
| CVE-2020-11981 | 1 Apache | 1 Airflow | 2020-07-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attacker can connect to the broker (Redis, RabbitMQ) directly, it is possible to inject commands, resulting in the celery worker running arbitrary commands. | |||||
| CVE-2020-7825 | 1 Tobesoft | 1 Miplatform | 2020-07-23 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll module of MiPlatform. | |||||
| CVE-2020-5757 | 1 Grandstream | 6 Ucm6202, Ucm6202 Firmware, Ucm6204 and 3 more | 2020-07-23 | 10.0 HIGH | 9.8 CRITICAL |
| Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can bypass command injection mitigations and execute commands as the root user by sending a crafted HTTP POST to the UCM's "New" HTTPS API. | |||||
| CVE-2020-3332 | 1 Cisco | 8 Rv110w Wireless-n Vpn Firewall, Rv110w Wireless-n Vpn Firewall Firmware, Rv130 Vpn Router and 5 more | 2020-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary shell commands or scripts with root privileges on the affected device. | |||||
| CVE-2020-5758 | 1 Grandstream | 6 Ucm6202, Ucm6202 Firmware, Ucm6204 and 3 more | 2020-07-23 | 9.0 HIGH | 8.8 HIGH |
| Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as the root user by sending a crafted HTTP GET to the UCM's "Old" HTTPS API. | |||||
| CVE-2020-5759 | 1 Grandstream | 6 Ucm6202, Ucm6202 Firmware, Ucm6204 and 3 more | 2020-07-23 | 10.0 HIGH | 9.8 CRITICAL |
| Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via SSH. An authenticated remote attacker can execute commands as the root user by issuing a specially crafted "unset" command. | |||||
| CVE-2020-5756 | 1 Grandstream | 2 Gwn7000, Gwn7000 Firmware | 2020-07-22 | 9.0 HIGH | 8.8 HIGH |
| Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify the system's crontab via undocumented API. An attacker can use this functionality to execute arbitrary OS commands on the router. | |||||
| CVE-2020-8958 | 1 Gpononu | 4 1ge\+3fe\+wifi Onu V2804rgw, 1ge\+3fe\+wifi Onu V2804rgw Firmware, 1ge Router Wifi Onu V2801rw and 1 more | 2020-07-22 | 9.0 HIGH | 7.2 HIGH |
| Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field. | |||||
| CVE-2020-13925 | 1 Apache | 1 Kylin | 2020-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| Similar to CVE-2020-1956, Kylin has one more restful API which concatenates the API inputs into OS commands and then executes them on the server; while the reported API misses necessary input validation, which causes the hackers to have the possibility to execute OS command remotely. Users of all previous versions after 2.3 should upgrade to 3.1.0. | |||||
| CVE-2020-8178 | 1 Jison Project | 1 Jison | 2020-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| Insufficient input validation in npm package `jison` <= 0.4.18 may lead to OS command injection attacks. | |||||
| CVE-2020-11953 | 1 Rittal | 9 Cmc Iii Pu 7030.000, Cmc Iii Pu 7030.000 Firmware, Cmciii-pu-9333e0fb and 6 more | 2020-07-17 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on Rittal PDU-3C002DEC through 5.15.40 and CMCIII-PU-9333E0FB through 3.15.70_4 devices. Attackers can execute code. | |||||
| CVE-2020-1956 | 1 Apache | 1 Kylin | 2020-07-15 | 9.0 HIGH | 8.8 HIGH |
| Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation. | |||||
| CVE-2020-4512 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2020-07-14 | 6.5 MEDIUM | 7.2 HIGH |
| IBM QRadar SIEM 7.3 and 7.4 could allow a remote privileged user to execute commands. | |||||
| CVE-2020-2034 | 1 Paloaltonetworks | 1 Pan-os | 2020-07-14 | 9.3 HIGH | 8.1 HIGH |
| An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability. | |||||
| CVE-2020-2030 | 1 Paloaltonetworks | 1 Pan-os | 2020-07-14 | 9.0 HIGH | 7.2 HIGH |
| An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services. | |||||
| CVE-2020-7688 | 1 Mversion Project | 1 Mversion | 2020-07-14 | 4.6 MEDIUM | 7.8 HIGH |
| The issue occurs because tagName user input is formatted inside the exec function is executed without any checks. | |||||
| CVE-2020-14947 | 1 Factorfx | 1 Open Computer Software Inventory Next Generation | 2020-07-13 | 6.5 MEDIUM | 8.8 HIGH |
| OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid. | |||||
| CVE-2018-16117 | 1 Sophos | 2 Sfos, Xg Firewall | 2020-07-13 | 9.0 HIGH | 8.8 HIGH |
| A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary OS commands via shell metacharacters in the "dbName" POST parameter. | |||||
| CVE-2020-5352 | 1 Dell | 1 Emc Data Protection Advisor | 2020-07-13 | 9.0 HIGH | 8.8 HIGH |
| Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on the affected system. | |||||
| CVE-2020-8188 | 1 Ui | 4 Unifi Cloud Key Plus, Unifi Dream Machine Pro, Unifi Protect and 1 more | 2020-07-09 | 6.5 MEDIUM | 8.8 HIGH |
| We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges. | |||||
| CVE-2020-14414 | 1 Nedi | 1 Nedi | 2020-07-06 | 9.0 HIGH | 8.8 HIGH |
| NeDi 1.9C is vulnerable to Remote Command Execution. pwsec.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload (any system commands) that contains shell metacharacters via a POST request with a pw parameter. (This can also be exploited via CSRF.) | |||||
| CVE-2020-14412 | 1 Nedi | 1 Nedi | 2020-07-06 | 9.0 HIGH | 8.8 HIGH |
| NeDi 1.9C is vulnerable to Remote Command Execution. System-Snapshot.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload (any system commands) that contains shell metacharacters via a POST request with a psw parameter. (This can also be exploited via CSRF.) | |||||
| CVE-2020-15415 | 1 Draytek | 6 Vigor2960, Vigor2960 Firmware, Vigor300b and 3 more | 2020-07-02 | 7.5 HIGH | 9.8 CRITICAL |
| On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472. | |||||
| CVE-2019-7269 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2020-07-02 | 10.0 HIGH | 9.8 CRITICAL |
| Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution. | |||||
| CVE-2019-16213 | 1 Tendacn | 2 Pa6, Pa6 Firmware | 2020-07-01 | 9.0 HIGH | 8.8 HIGH |
| Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges. | |||||
| CVE-2020-13159 | 1 Articatech | 1 Artica Proxy | 2020-07-01 | 10.0 HIGH | 9.8 CRITICAL |
| Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818. | |||||
| CVE-2017-6320 | 1 Barracuda | 1 Load Balancer Adc | 2020-07-01 | 9.0 HIGH | 8.8 HIGH |
| A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can execute arbitrary shell commands and gain root privileges. The vulnerability stems from unsanitized data being processed in a system call when the delete_assessment command is issued. | |||||
| CVE-2015-5958 | 1 Phpfilemanager Project | 1 Phpfilemanager | 2020-06-30 | 9.3 HIGH | 8.8 HIGH |
| phpFileManager 0.9.8 allows remote attackers to execute arbitrary commands via a crafted URL. | |||||
| CVE-2020-4066 | 1 Limdu Project | 1 Limdu | 2020-06-30 | 9.0 HIGH | 7.2 HIGH |
| In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95. | |||||
| CVE-2020-8130 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2020-06-30 | 6.9 MEDIUM | 6.4 MEDIUM |
| There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`. | |||||
| CVE-2020-3336 | 1 Cisco | 2 Roomos, Telepresence Collaboration Endpoint | 2020-06-24 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem to cause a denial of service (DoS) or gain privileged access to the root filesystem. The vulnerability is due to insufficient input validation. An attacker with administrative privileges could exploit this vulnerability by sending requests with malformed parameters to the system using the console, Secure Shell (SSH), or web API. A successful exploit could allow the attacker to modify the device configuration or cause a DoS. | |||||
| CVE-2020-3274 | 1 Cisco | 12 Rv016, Rv016 Firmware, Rv042 and 9 more | 2020-06-23 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. | |||||
| CVE-2020-3275 | 1 Cisco | 12 Rv016, Rv016 Firmware, Rv042 and 9 more | 2020-06-23 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. | |||||
| CVE-2020-3278 | 1 Cisco | 12 Rv016, Rv016 Firmware, Rv042 and 9 more | 2020-06-23 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. | |||||
| CVE-2020-3279 | 1 Cisco | 12 Rv016, Rv016 Firmware, Rv042 and 9 more | 2020-06-23 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. | |||||
| CVE-2020-3276 | 1 Cisco | 12 Rv016, Rv016 Firmware, Rv042 and 9 more | 2020-06-23 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. | |||||