3 matches found
CVE-2020-15645
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2020-15645
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2020-15645
CVE-2020-15645 affects Marvell QConvergeConsole 5.5.0.64. The root cause is in the getFileFromURL method of the GWTTestServiceImpl class, which lacks proper validation of a user-supplied path before file operations. This leads to remote code execution with SYSTEM privileges. Authentication is req...