3 matches found
CVE-2020-14414
creationtimestamp| type| source ---|---|--- 2026-07-08 00:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq3uuizl372s...
CVE-2020-14414
NeDi 1.9C is vulnerable to Remote Command Execution. pwsec.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload any system commands that contains shell metacharacters via a POST request with a pw parameter. This can also be...
CVE-2020-14414
CVE-2020-14414 affects NeDi 1.9C. The pwsec.php component fails to safely escape shell metacharacters in a POST request parameter (pw), leading to Remote Command Execution. An attacker can craft an arbitrary command payload containing shell metacharacters via a POST request, with CSRF potentially...