CVE-2020-16152
CVE-2020-16152
Vexday Risk Score
30Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS —EPSS 35.0%KEV nãoPoC —Nuclei —Metasploit simPatch —
Ciclo de vida
17 feb 2020Exploit Metasploit disponible
14 nov 2021Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file.
Productos afectados
n/a · n/a