CVE-2020-7357

🗓️ 06 Aug 2020 15:45:28Reported by rapid7Type

cve🔗 web.nvd.nist.gov👁 94 Views🌐 WEB

Cayin CMS authenticated OS command injection via NTP_Server_IP paramete

Reporter	Title	Published	Views	Family All 15
0daydb	Cayin CMS NTP Server 11.0 CVE-2020-7357 - Remote Code Execution	21 Jun 202009:10	–	0daydb
0daydb	Code Blocks 17.12 - Local Buffer Overflow	21 Jun 202009:07	–	0daydb
0daydb	Trend Micro Web Security - Remote Code Execution	24 Jun 202008:21	–	0daydb
0day.today	Cayin CMS NTP Server 11.0 Remote Code Execution Exploit	18 Jun 202000:00	–	zdt
ATTACKERKB	CVE-2020-7357	6 Apr 202000:00	–	attackerkb
Circl	CVE-2020-7357	18 Jun 202015:43	–	circl
CNVD	Code Execution Vulnerability in CAYIN Technology CMS	19 Jun 202000:00	–	cnvd
Check Point Advisories	Cayin CMS Command Injection (CVE-2020-7357)	28 Nov 202000:00	–	checkpoint_advisories
Cvelist	CVE-2020-7357 Cayin CMS Command Injection	6 Aug 202015:45	–	cvelist
Metasploit	Cayin CMS NTP Server RCE	12 Jun 202014:46	–	metasploit

NVD

Node

cayintech cms-se_firmwareMatch11.019179

AND

cayintech cms-seMatch-

Node

cayintech cms-se_firmwareMatch11.019025

AND

cayintech cms-seMatch-

Node

cayintech cms-se_firmwareMatch11.018325

AND

cayintech cms-seMatch-

Node

cayintech cms-se-lxc_firmwareMatch-

AND

cayintech cms-se-lxcMatch-

Node

cayintech cms-60_firmwareMatch11.019025

AND

cayintech cms-60Match-

Node

cayintech cms-40_firmwareMatch9.014197

AND

cayintech cms-40Match-

Node

cayintech cms-40_firmwareMatch9.014199

AND

cayintech cms-40Match-

Node

cayintech cms-40_firmwareMatch9.014093

AND

cayintech cms-40Match-

Node

cayintech cms-20_firmwareMatch9.014197

AND

cayintech cms-20Match-

Node

cayintech cms-20_firmwareMatch9.014092

AND

cayintech cms-20Match-

Node

cayintech cmsMatch7.511175

cayintech cmsMatch8.011175

cayintech cmsMatch8.212199

[
  {
    "product": "Cayin CMS-SE",
    "vendor": "Cayin Technology",
    "versions": [
      {
        "lessThanOrEqual": "11.0 Build 19179",
        "status": "affected",
        "version": "11.0 Build 19179",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Cayin CMS-60",
    "vendor": "Cayin Technology",
    "versions": [
      {
        "lessThanOrEqual": "11.0 Build 19025",
        "status": "affected",
        "version": "11.0 Build 19025",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Cayin CMS-40",
    "vendor": "Cayin Technology",
    "versions": [
      {
        "lessThanOrEqual": "9.0 Build 14917",
        "status": "affected",
        "version": "9.0 Build 14917",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Cayin CMS-20",
    "vendor": "Cayin Technology",
    "versions": [
      {
        "lessThanOrEqual": "9.0 Build 14917",
        "status": "affected",
        "version": "9.0 Build 14917",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Cayin CMS",
    "vendor": "Cayin Technology",
    "versions": [
      {
        "status": "affected",
        "version": "8.2 Build 12199"
      },
      {
        "status": "affected",
        "version": "8.0 Build 11175"
      },
      {
        "status": "affected",
        "version": "7.5 Build 11175"
      }
    ]
  }
]

Source	Link
github	www.github.com/rapid7/metasploit-framework/pull/13607
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/182925
zeroscience	www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5570.php

Parameter	Position	Path	Description	CWE
NTP_Server_IP	request body	/cgi-bin/system.cgi	Authenticated OS semi-blind command injection via NTP_Server_IP in system.cgi allowing remote code execution as root.	CWE-78

21 Nov 2024 05:37Current

9.8High risk

Vulners AI Score9.8

CVSS 29

CVSS 3.19.6 - 9.9

EPSS0.77162

CWE-78