← back
CVE-2020-36531

SevOne Network Management System Device Manager Page injection

CVSS 6.3 MEDIUMEPSS 0.8%CWE-74
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.3EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Jun 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected products
SevOne · Network Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2020/Oct/5https://vuldb.com/?id.162263