← back
CVE-2020-7838

CVE-2020-7838

CVSS 8.8 HIGHEPSS 1.2%CWE-20
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.8EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Dec 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A arbitrary code execution vulnerability exists in the way that the Stove client improperly validates input value. An attacker could execute arbitrary code when the user access to crafted web page. This issue affects: Smilegate STOVE Client 0.0.4.72.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Smilegate · STOVE Client