CVE-2020-6932

Summary

An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.

Affected Software

VendorProductVersion RangeStatus
BlackBerryQNX Software Development Platform (SDP)6.4.0 <= 6.6.0affected

Weaknesses

  • CWE-150: CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences

ADP Enrichment

CVE Program Container

Additional References

References