CVE-2020-36529
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability classified as critical has been found in SevOne Network Management System up to 5.7.2.22. This affects the file traceroute.php of the Traceroute Handler. The manipulation leads to privilege escalation with a command injection. It is possible to initiate the attack remotely.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SevOne | Network Management System | 5.7.2.0 | affected |
| SevOne | Network Management System | 5.7.2.1 | affected |
| SevOne | Network Management System | 5.7.2.2 | affected |
| SevOne | Network Management System | 5.7.2.3 | affected |
| SevOne | Network Management System | 5.7.2.4 | affected |
| SevOne | Network Management System | 5.7.2.5 | affected |
| SevOne | Network Management System | 5.7.2.6 | affected |
| SevOne | Network Management System | 5.7.2.7 | affected |
| SevOne | Network Management System | 5.7.2.8 | affected |
| SevOne | Network Management System | 5.7.2.9 | affected |
| SevOne | Network Management System | 5.7.2.10 | affected |
| SevOne | Network Management System | 5.7.2.11 | affected |
| SevOne | Network Management System | 5.7.2.12 | affected |
| SevOne | Network Management System | 5.7.2.13 | affected |
| SevOne | Network Management System | 5.7.2.14 | affected |
| SevOne | Network Management System | 5.7.2.15 | affected |
| SevOne | Network Management System | 5.7.2.16 | affected |
| SevOne | Network Management System | 5.7.2.17 | affected |
| SevOne | Network Management System | 5.7.2.18 | affected |
| SevOne | Network Management System | 5.7.2.19 | affected |
| SevOne | Network Management System | 5.7.2.20 | affected |
| SevOne | Network Management System | 5.7.2.21 | affected |
| SevOne | Network Management System | 5.7.2.22 | affected |
Weaknesses
- CWE-77: CWE-77 Command Injection
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.