Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2020-8087
HistoryJan 27, 2020 - 8:15 p.m.

Command injection

2020-01-2720:15:00
PRIOn knowledge base
www.prio-n.com
2

9.5 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON

SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by providing the vlu_diagnostic_tools__ping_address parameter twice: once with a shell metacharacter and a command name, and once with a command argument.

CPENameOperatorVersion
d3g0804w_firmwareeqd3gnv5m3.5.1.6.10ga

Related

cve 1
nvd 1
cvelist 1
cve
cve
CVE-2020-8087
2020-01-27 20:15:11
nvd
nvd
CVE-2020-8087
2020-01-27 20:15:11
cvelist
cvelist
CVE-2020-8087
2020-01-27 19:45:06

9.5 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON
Related for PRION:CVE-2020-8087
cve1nvd1cvelist1