3 matches found
CVE-2020-9020
Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field...
Iteris Vantage Velocity Command Injection (CVE-2020-9020)
A command injection vulnerability exists in Iteris Vantage Velocity. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-9020
CVE-2020-9020 affects Iteris Vantage Velocity Field Unit firmware versions 2.3.1, 2.4.2, and 3.0. The root cause is an OS command injection via shell metacharacters entered in the NTP Server field processed by the CGI script cgi-bin/timeconfig.py. This could enable remote command execution with h...