CVE-2020-8654

2020-02-07T00:15:00
ID CVE-2020-8654
Type cve
Reporter cve@mitre.org
Modified 2020-03-03T16:15:00

Description

An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field.