CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1601 CVE-2020-8636 306 Exec Code 2020-02-06 2020-02-12
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution .
1602 CVE-2020-8599 434 Bypass 2020-03-18 2020-03-19
10.0
None Remote Low Not required Complete Complete Complete
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability.
1603 CVE-2020-8598 20 Exec Code 2020-03-18 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.
1604 CVE-2020-8584 94 Exec Code 2021-01-08 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.
1605 CVE-2020-8515 74 Exec Code 2020-02-01 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.
1606 CVE-2020-8481 922 2020-04-29 2021-09-14
10.0
None Remote Low Not required Complete Complete Complete
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, confidential data is written in an unprotected file. An attacker who successfully exploited this vulnerability could take full control of the computer.
1607 CVE-2020-8470 20 2020-03-18 2021-07-21
9.4
None Remote Low Not required None Complete Complete
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit this vulnerability.
1608 CVE-2020-8465 287 Exec Code Bypass CSRF 2020-12-17 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.
1609 CVE-2020-8445 20 2020-01-30 2020-07-27
10.0
None Remote Low Not required Complete Complete Complete
In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn't remove or encode terminal control characters or newlines from processed log messages. In many cases, those characters are later logged. Because newlines (\n) are permitted in messages processed by ossec-analysisd, it may be possible to inject nested events into the ossec log. Use of terminal control characters may allow obfuscating events or executing commands when viewed through vulnerable terminal emulators. This may be an unauthenticated remote attack for certain types and origins of logged data.
1610 CVE-2020-8438 78 Exec Code 2020-01-29 2020-01-31
9.0
None Remote Low ??? Complete Complete Complete
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring.
1611 CVE-2020-8432 415 Exec Code 2020-01-29 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis.
1612 CVE-2020-8429 20 Bypass 2020-02-11 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
The Admin web application in Kinetica 7.0.9.2.20191118151947 does not properly sanitise the input for the function getLogs. This lack of sanitisation could be exploited to allow an authenticated attacker to run remote code on the underlying operating system. The logFile parameter in the getLogs function was used as a variable in a command to read log files; however, due to poor input sanitisation, it was possible to bypass a replacement and break out of the command.
1613 CVE-2020-8427 78 Sql Bypass 2020-02-17 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass.
1614 CVE-2020-8423 120 Exec Code Overflow 2020-04-02 2020-04-06
9.0
None Remote Low ??? Complete Complete Complete
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.
1615 CVE-2020-8298 77 2021-03-04 2021-03-09
10.0
None Remote Low Not required Complete Complete Complete
fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the `copy`, `copySync`, `remove`, and `removeSync` methods.
1616 CVE-2020-8289 295 Exec Code 2020-12-27 2020-12-31
9.3
None Remote Medium Not required Complete Complete Complete
Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality.
1617 CVE-2020-8283 269 Exec Code 2020-12-14 2020-12-17
9.0
None Remote Low ??? Complete Complete Complete
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
1618 CVE-2020-8273 78 2020-11-16 2020-11-30
9.0
None Remote Low ??? Complete Complete Complete
Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8.
1619 CVE-2020-8271 22 Exec Code Dir. Trav. 2020-11-16 2020-11-30
10.0
None Remote Low Not required Complete Complete Complete
Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8
1620 CVE-2020-8270 78 Exec Code 2020-11-16 2020-12-03
9.0
None Remote Low ??? Complete Complete Complete
An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342
1621 CVE-2020-8269 269 Exec Code 2020-11-16 2020-12-03
9.0
None Remote Low ??? Complete Complete Complete
An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9
1622 CVE-2020-8234 613 2020-08-21 2020-08-31
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability exists in The EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection.
1623 CVE-2020-8233 78 Exec Code 2020-08-17 2020-10-11
9.0
None Remote Low ??? Complete Complete Complete
A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges.
1624 CVE-2020-8178 78 2020-07-15 2020-07-21
10.0
None Remote Low Not required Complete Complete Complete
Insufficient input validation in npm package `jison` <= 0.4.18 may lead to OS command injection attacks.
1625 CVE-2020-8174 191 Mem. Corr. 2020-07-24 2021-10-07
9.3
None Remote Medium Not required Complete Complete Complete
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
1626 CVE-2020-8087 Exec Code 2020-01-27 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by providing the vlu_diagnostic_tools__ping_address parameter twice: once with a shell metacharacter and a command name, and once with a command argument.
1627 CVE-2020-8010 200 Exec Code +Info 2020-02-18 2021-09-27
10.0
None Remote Low Not required Complete Complete Complete
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.
1628 CVE-2020-8001 798 2020-01-27 2020-01-30
10.0
None Remote Low Not required Complete Complete Complete
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account.
1629 CVE-2020-8000 798 2020-01-27 2020-01-31
10.0
None Remote Low Not required Complete Complete Complete
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account.
1630 CVE-2020-7998 434 2020-01-28 2020-02-04
9.0
None Remote Low ??? Complete Complete Complete
An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service.
1631 CVE-2020-7995 287 2020-01-26 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.
1632 CVE-2020-7980 78 Exec Code 2020-01-25 2020-01-29
10.0
None Remote Low Not required Complete Complete Complete
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
1633 CVE-2020-7869 20 2021-06-29 2021-07-02
9.0
None Remote Low ??? Complete Complete Complete
An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to create file. An attacker could create and execute arbitrary file in the ZOOK agent program using "Tight file CMD" without authority.
1634 CVE-2020-7868 Exec Code 2021-06-29 2021-07-02
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability exists in helpUS(remote administration tool) due to improper validation of parameter of ShellExecutionExA function used for login.
1635 CVE-2020-7863 20 Exec Code 2021-08-05 2021-08-13
9.3
None Remote Medium Not required Complete Complete Complete
A vulnerability in File Transfer Solution of Raonwiz could allow arbitrary command execution as the result of viewing a specially-crafted web page. This vulnerability is due to insufficient validation of the parameter of the specific method. An attacker could exploit this vulnerability by setting the parameter to the command they want to execute. A successful exploit could allow the attacker to execute arbitrary commands on a target system as the user. However, the victim must run the Internet Explorer browser with administrator privileges because of the cross-domain policy.
1636 CVE-2020-7825 78 Exec Code 2020-07-17 2020-07-23
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll module of MiPlatform.
1637 CVE-2020-7805 78 Exec Code 2020-05-07 2020-05-14
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) and IML520 (R8112, R8368, R8411) wifi device. This issue is a command injection allowing attackers to execute arbitrary OS commands.
1638 CVE-2020-7799 74 Exec Code 2020-01-28 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -> Settings -> Email Templates) or themes (Home -> Settings -> Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates.
1639 CVE-2020-7772 2020-11-15 2020-11-30
10.0
None Remote Low Not required Complete Complete Complete
This affects the package doc-path before 2.1.2.
1640 CVE-2020-7745 94 Exec Code 2020-10-19 2020-10-21
10.0
None Remote Low Not required Complete Complete Complete
This affects the package MintegralAdSDK before 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners (advertisers) can remotely execute arbitrary code on a user device.
1641 CVE-2020-7594 78 Exec Code 2020-01-21 2020-01-29
9.0
None Remote Low ??? Complete Complete Complete
MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function.
1642 CVE-2020-7505 494 Exec Code 2020-06-16 2020-06-17
9.0
None Remote Low ??? Complete Complete Complete
A CWE-494 Download of Code Without Integrity Check vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to inject data with dangerous content into the firmware and execute arbitrary code on the system.
1643 CVE-2020-7468 755 +Priv 2021-03-26 2021-04-01
9.0
None Remote Low ??? Complete Complete Complete
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the file system restriction configured in ftpchroot(5). Moreover, the bug allows a malicious client to gain root privileges.
1644 CVE-2020-7452 20 Exec Code 2020-04-29 2020-05-06
9.0
None Remote Low ??? Complete Complete Complete
In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and potentially execute arbitrary code in the kernel.
1645 CVE-2020-7389 306 2021-07-22 2021-08-04
9.0
None Remote Low ??? Complete Complete Complete
Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.
1646 CVE-2020-7384 77 Exec Code 2020-10-29 2021-02-03
9.3
None Remote Medium Not required Complete Complete Complete
Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim's machine.
1647 CVE-2020-7376 22 Dir. Trav. 2020-08-24 2020-09-02
10.0
None Remote Low Not required Complete Complete Complete
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host.
1648 CVE-2020-7361 78 2020-08-06 2020-08-10
9.0
None Remote Low ??? Complete Complete Complete
The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' component. After authenticating to the ZenTao dashboard, attackers may construct and send arbitrary OS commands via the POST parameter 'path', and those commands will run in an elevated SYSTEM context on the underlying Windows operating system.
1649 CVE-2020-7357 78 Exec Code 2020-08-06 2020-08-11
9.0
None Remote Low ??? Complete Complete Complete
Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. This issue affects several branches and versions of the CMS application, including CME-SE, CMS-60, CMS-40, CMS-20, and CMS version 8.2, 8.0, and 7.5.
1650 CVE-2020-7356 89 Exec Code Sql 2020-08-06 2020-08-12
10.0
None Remote Low Not required Complete Complete Complete
CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinder_seqid' in wayfinder_meeting_input.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and execute SYSTEM commands.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.