Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Check Point Advisories
Check Point Advisoriesadded 2020/09/02 12:0 a.m.6 views

Easycorp Zentao Pro Command Injection (CVE-2020-7361)

A command injection vulnerability exists in Easycorp Zentao Pro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.5AI score0.17225EPSS
Exploits4
OSV
OSVadded 2020/08/06 4:15 p.m.2 views

CVE-2020-7361

The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' component. After authenticating to the ZenTao dashboard, attackers may construct and send arbitrary OS commands via the POST parameter 'path', and those commands will run in an...

8.8CVSS7.5AI score0.17225EPSS
Exploits4References1
Cvelist
Cvelistadded 2020/08/06 3:45 p.m.20 views

CVE-2020-7361 ZenTao Pro Command Injection

The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' component. After authenticating to the ZenTao dashboard, attackers may construct and send arbitrary OS commands via the POST parameter 'path', and those commands will run in an...

9.6CVSS9.7AI score0.17225EPSS
Exploits4References1
CVE
CVEadded 2020/08/06 3:45 p.m.90 views

CVE-2020-7361

CVE-2020-7361 affects EasyCorp ZenTao Pro (8.8.2 and earlier). A command-injection vulnerability exists in the vulnerable "/pro/repo-create.html" endpoint, where an authenticated user can send arbitrary OS commands through the POST parameter “path.” Executed commands run in the Windows SYSTEM con...

9.6CVSS9AI score0.17225EPSS
Exploits4References1Affected Software1
Circl
Circladded 2020/07/22 2:53 p.m.7 views

CVE-2020-7361

creationtimestamp| type| source ---|---|--- 2020-07-22 14:53:34+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/zentaoprorce.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:30+00:00| seen|...

9.6CVSS8.6AI score0.17225EPSS
Exploits4References1
0day.today
0day.todayadded 2020/07/22 12:0 a.m.590 views

ZenTao Pro 8.8.2 Remote Code Execution Exploit

This Metasploit module exploits a command injection vulnerability in ZenTao Pro 8.8.2 and earlier versions in order to execute arbitrary commands with SYSTEM privileges. Valid credentials for a ZenTao admin account are required. This module has been successfully tested against ZenTao 8.8.1 and...

9.6CVSS9.5AI score0.17225EPSS
Exploits4
Packet Storm
Packet Stormadded 2020/07/22 12:0 a.m.532 views

ZenTao Pro 8.8.2 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ZenTao Pro 8.8.2 Remote Code Execution', 'Description' = %q This module exploits a command injection vulnerability in ZenTao Pro 8.8.2 and earlie...

0.3AI score0.17225EPSS
Exploits4
Rows per page
Query Builder