CVE-2020-9020

🗓️ 17 Feb 2020 03:03:49Reported by mitreType

cve

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 116 Views🌐 WEB

Iteris Vantage Velocity Field Unit OS Command Injectio

Reporter	Title	Published	Views	Family All 8
CNVD	Iteris Vantage Velocity Field Unit Operating System Command Injection Vulnerability	18 Feb 202000:00	–	cnvd
Check Point Advisories	Iteris Vantage Velocity Command Injection (CVE-2020-9020)	5 Apr 202100:00	–	checkpoint_advisories
Cvelist	CVE-2020-9020	17 Feb 202003:03	–	cvelist
EUVD	EUVD-2020-29850	7 Oct 202500:30	–	euvd
NVD	CVE-2020-9020	17 Feb 202004:15	–	nvd
Prion	Design/Logic Flaw	17 Feb 202004:15	–	prion
RedhatCVE	CVE-2020-9020	22 May 202517:36	–	redhatcve
VulnCheck KEV	VulnCheck KEV: CVE-2020-9020	3 Mar 202100:00	–	vulncheck_kev

NVD

Node

iteris vantage_velocity_firmwareMatch2.3.1

OR

iteris vantage_velocity_firmwareMatch2.4.2

OR

iteris vantage_velocity_firmwareMatch3.0

AND

iteris vantage_velocityMatch-

Source	Link
sku11army	www.sku11army.blogspot.com/2020/01/iteris-vantage-velocity-field-unit-os.html

Parameter	Position	Path	Description	CWE
NTP Server	request body	/cgi-bin/timeconfig.py	Command injection via shell metacharacters in NTP Server field in timeconfig.py leading to OS command execution.	CWE-78

17 Jun 2026 03:27Current

9.7High risk

Vulners AI Score9.7

CVSS 3.19.8

CVSS 210

EPSS0.02473

cve-2020-9020 iteris vantage velocity field unit os command injection ntp server shell metacharacters