Lucene search
K
InvigoAutomatic Device Management

6 matches found

CVE
CVE
added 2021/03/25 7:48 p.m.61 views

CVE-2020-10580

The CVE-2020-10580 entry describes a command injection in Invigo Automatic Device Management (ADM) via the /admin/broadcast.php script, affecting ADM versions through 5.0. The underlying flaw enables remote authenticated attackers to execute arbitrary PHP code on the server as the application use...

8.8CVSS9AI score0.03913EPSS
CVE
CVE
added 2021/03/25 7:47 p.m.58 views

CVE-2020-10582

CVE-2020-10582 describes a SQL injection in Invigo Automatic Device Management (ADM) prior to or including version 5.0, affecting the script at /admin/display_errors.php. The underlying issue allows remote attackers to execute arbitrary SQL queries against the database, with potential data readin...

9.8CVSS9.9AI score0.01555EPSS
CVE
CVE
added 2021/03/25 7:47 p.m.54 views

CVE-2020-10583

CVE-2020-10583 affects Invigo Automatic Device Management (ADM) up to version 5.0. The vulnerability is an arbitrary OS command injection in the /admin/admapi.php script, exploitable by remote authenticated attackers who execute commands on the server as the application user. This is documented a...

9CVSS8.8AI score0.02765EPSS
CVE
CVE
added 2021/03/25 7:47 p.m.53 views

CVE-2020-10584

CVE-2020-10584 is a directory traversal vulnerability affecting Invigo Automatic Device Management (ADM) via the /admin/search_by.php script, reported for ADM 5.0 and earlier. The root cause is directory traversal that allows remote attackers to read arbitrary files on the server accessible to th...

7.5CVSS7.5AI score0.02197EPSS
CVE
CVE
added 2021/03/25 7:48 p.m.47 views

CVE-2020-10579

The CVE-2020-10579 vulnerability affects Invigo Automatic Device Management (ADM) up to and including version 5.0, in the /admin/sysmon.php script. A directory traversal flaw allows remote attackers to list contents of arbitrary server directories accessible to the application user, enabling disc...

7.5CVSS7.6AI score0.02197EPSS
CVE
CVE
added 2021/03/25 7:48 p.m.47 views

CVE-2020-10581

Invigo Automatic Device Management (ADM) up to version 5.0 contains multiple session validity check issues in several administration functions. The Red Hat/CVE, NVD, CNVD, CVE listings and related advisories describe a vulnerability that could allow remote attackers to read potentially sensitive ...

7.5CVSS7.4AI score0.01348EPSS