CVE-2020-5685

Summary

UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL.

Affected Software

VendorProductVersion RangeStatus
NEC CorporationUNIVERGE SV9500/SV8500 seriesSV9500 series from V1 to V7and SV8500 series from S6 to S8affected

Weaknesses

  • OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References