← back
CVE-2020-5632

CVE-2020-5632

EPSS 0.4%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.4%KEV nãoPoC Patch
Lifecycle
Oct 06, 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for IIS prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1, Host type SiteShell for Apache Windows V1.4, V1.5, and V1.6, and Host type SiteShell for Apache Windows prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1) allow authenticated attackers to bypass access restriction and to execute arbitrary code with an elevated privilege via a specially crafted executable files.
Affected products
NEC Corporation · InfoCage SiteShell series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jpn.nec.com/infocage/siteshell/everyone_20200918.htmlhttps://jvn.jp/en/jp/JVN07426151/index.html