1 results (0.001 seconds)
CVSS: 9.9EPSS: 78%CPEs: 23EXPL: 3
CVSS: 9.9EPSS: 78%CPEs: 23EXPL: 3CVE-2020-7357 – Cayin CMS Command Injection
https://notcve.org/view.php?id=CVE-2020-7357
18 Jun 2020 — Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. This issue affects several branches and versions of the CMS application, including CME-SE, CMS-60, CMS-40, CMS-20, and CMS version 8.2, 8.0, and 7.5. Cayin CMS sufre de una vulnerabilidad de inyección de comando semi-ciega autenticada del Sistem... • https://packetstorm.news/files/id/158139 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •