3 matches found
CVE-2020-25560
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients username: sapphire, password: ims and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. W...
CVE-2020-25560
creationtimestamp| type| source ---|---|--- 2021-08-12 00:38:45+00:00| seen| https://t.me/cibsecurity/27188...
CVE-2020-25560
CVE-2020-25560 affects SapphireIMS 5.0. The vulnerability arises from hardcoded credentials (username: sapphire, password: ims) that allow unauthenticated access to the portal. Once access is gained, an attacker can inject OS commands via the server-side functions for ping, traceroute, and SNMP, ...