CVE-2020-15922
35Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 57%
from disclosure to weapon66 days
Published on NVDJul 24
1st PoC+66d
exploitation probability
57%top 1% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/159314/Mida-eFramework-2.8.9-Remote-Code-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48835unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.