CVE-2020-36910

Summary

Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard_system.cgi pages. Attackers can exploit the 'NTP_Server_IP' parameter with default credentials to execute arbitrary shell commands as root.

Affected Software

VendorProductVersion RangeStatus
CAYIN TechnologySMP-8000QD3.0affected
CAYIN TechnologySMP-80003.0affected
CAYIN TechnologySMP-60003.0 Build 19025affected
CAYIN TechnologySMP-60001.0 Build 14246affected
CAYIN TechnologySMP-60001.0 Build 14199affected
CAYIN TechnologySMP-60001.0 Build 14167affected
CAYIN TechnologySMP-60001.0 Build 14097affected
CAYIN TechnologySMP-60001.0 Build 14090affected
CAYIN TechnologySMP-60001.0 Build 14069affected
CAYIN TechnologySMP-60001.0 Build 14062affected
CAYIN TechnologySMP-40001.0 Build 14098affected
CAYIN TechnologySMP-40001.0 Build 14092affected
CAYIN TechnologySMP-40001.0 Build 14087affected
CAYIN TechnologySMP-23103.0affected
CAYIN TechnologySMP-23003.0 Build 19316affected
CAYIN TechnologySMP-22103.0 Build 19025affected
CAYIN TechnologySMP-22003.0 Build 19029affected
CAYIN TechnologySMP-22003.0 Build 19025affected
CAYIN TechnologySMP-210010.0 Build 16228affected
CAYIN TechnologySMP-21003.0affected
CAYIN TechnologySMP-20001.0 Build 14167affected
CAYIN TechnologySMP-20001.0 Build 14087affected
CAYIN TechnologySMP-10001.0 Build 14099affected
CAYIN TechnologySMP-PROPLUS1.5 Build 10081affected
CAYIN TechnologySMP-WEBPLUS6.5 Build 11126affected
CAYIN TechnologySMP-WEB42.0 Build 13073affected
CAYIN TechnologySMP-WEB42.0 Build 11175affected
CAYIN TechnologySMP-WEB41.5 Build 11476affected
CAYIN TechnologySMP-WEB41.5 Build 11126affected
CAYIN TechnologySMP-WEB41.0 Build 10301affected
CAYIN TechnologySMP-3001.0 Build 14177affected
CAYIN TechnologySMP-2001.0 Build 13080affected
CAYIN TechnologySMP-2001.0 Build 12331affected
CAYIN TechnologySMP-PRO41.0affected
CAYIN TechnologySMP-NEO21.0affected
CAYIN TechnologySMP-NEO1.0affected

Weaknesses

  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References