exploitDog

CVE-2020-14072

Опубликовано: 29 июн. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacters to /auth admin scripts.

Ссылки

http://mk-auth.com.br/page/changelog-1
Vendor Advisory
https://gist.github.com/merhawi023/a1155913df3cf0c17971b0fb7dcd8f20
Third Party Advisory
http://mk-auth.com.br/page/changelog-1
Vendor Advisory
https://gist.github.com/merhawi023/a1155913df3cf0c17971b0fb7dcd8f20
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mk-auth:mk-auth:19.01:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02747

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-8wrr-g5w6-457w

github

больше 3 лет назад

An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacters to /auth admin scripts.

EPSS

Процентиль: 86%

0.02747

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-78