2 matches found
CVE-2020-17387
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2020-17387
CVE-2020-17387 affects Marvell QConvergeConsole 5.5.0.64. The vulnerability is in the GWTTestServiceImpl.writeObjectToConfigFile method, caused by insufficient validation of a user-supplied path before file operations, enabling remote code execution in the SYSTEM context. Authentication is requir...