Lucene search
+L

CVE-2020-16602

🗓️ 02 Sep 2020 12:57:41Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 111 Views🌐 WEB

Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs due to a race condition in file execution

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today
Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Exploit
26 Nov 202000:00
zdt
Circl
CVE-2020-16602
26 Nov 202000:00
circl
Cvelist
CVE-2020-16602
2 Sep 202012:57
cvelist
Exploit DB
Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution
26 Nov 202000:00
exploitdb
EUVD
EUVD-2020-8563
7 Oct 202500:30
euvd
NVD
CVE-2020-16602
2 Sep 202013:15
nvd
OSV
CVE-2020-16602
2 Sep 202013:15
osv
Packet Storm
Razer Chroma SDK Server 3.16.02 Race Condition
26 Nov 202000:00
packetstorm
Prion
Race condition
2 Sep 202013:15
prion
Positive Technologies
PT-2020-14874 · Razer · Razer Chroma Sdk Rest Server
2 Sep 202000:00
ptsecurity
Rows per page
NVD
Node
razerchroma_sdkRange3.12.17
ParameterPositionPathDescriptionCWE
effectrequest bodychromasdk.io:54236/razer/chromasdk/keyboardPayload delivery to configure chroma effects as part of exploitation sequence leading to race condition during file handling.CWE-362
paramrequest bodychromasdk.io:54236/razer/chromasdk/keyboardPayload delivery to configure chroma effects as part of exploitation sequence leading to race condition during file handling.CWE-362
titlerequest bodychromasdk.io:54236/razer/chromasdkRegistration step used as attack vector to populate server with a vulnerable app entry and trigger race condition for potential remote file execution.CWE-362
descriptionrequest bodychromasdk.io:54236/razer/chromasdkRegistration step used as attack vector to populate server with a vulnerable app entry and trigger race condition for potential remote file execution.CWE-362
authorrequest bodychromasdk.io:54236/razer/chromasdkRegistration step used as attack vector to populate server with a vulnerable app entry and trigger race condition for potential remote file execution.CWE-362
device_supportedrequest bodychromasdk.io:54236/razer/chromasdkRegistration step used as attack vector to populate server with a vulnerable app entry and trigger race condition for potential remote file execution.CWE-362
categoryrequest bodychromasdk.io:54236/razer/chromasdkRegistration step used as attack vector to populate server with a vulnerable app entry and trigger race condition for potential remote file execution.CWE-362

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 02:58Current
8.2High risk
Vulners AI Score8.2
CVSS 26.8
CVSS 3.18.1
EPSS0.05989
111