CVE-2020-16205

EPSS 60.4%CWE-78

Vexday Risk Score

30Bajo

Decisión SSVC (CISA)

Attend

PoC disponible → seguir de cerca

CVSS —EPSS 60.4%KEV nãoPoC —Nuclei —Metasploit simPatch —

Ciclo de vida

20 may 2020Exploit Metasploit disponible

14 ago 2020Publicada en NVD

Recomendación: Planificar corrección próxima — ya existe PoC pública.

Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).

Productos afectados

n/a · G-Cam and G-Code

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/158888/Geutebruck-testaction.cgi-Remote-Command-Execution.html https://us-cert.cisa.gov/ics/advisories/icsa-20-219-03