CVE-2020-13851

Artica Pandora FMS 7.44 allows remote command execution via the events feature.
Configurations

Configuration 1 (hide)

cpe:2.3:a:pandorafms:pandora_fms:7.44:*:*:*:*:*:*:*

History

21 Nov 2024, 05:02

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/158390/Pandora-FMS-7.0-NG-7XX-Remote-Command-Execution.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/158390/Pandora-FMS-7.0-NG-7XX-Remote-Command-Execution.html - Exploit, Third Party Advisory, VDB Entry
References () https://www.coresecurity.com/advisories - Third Party Advisory () https://www.coresecurity.com/advisories - Third Party Advisory
References () https://www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple-vulnerabilities - Exploit, Third Party Advisory () https://www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple-vulnerabilities - Exploit, Third Party Advisory

27 Apr 2022, 14:16

Type Values Removed Values Added
References (MISC) http://packetstormsecurity.com/files/158390/Pandora-FMS-7.0-NG-7XX-Remote-Command-Execution.html - (MISC) http://packetstormsecurity.com/files/158390/Pandora-FMS-7.0-NG-7XX-Remote-Command-Execution.html - Exploit, Third Party Advisory, VDB Entry
CWE CWE-74 CWE-78

Information

Published : 2020-06-11 03:15

Updated : 2024-11-21 05:02


NVD link : CVE-2020-13851

Mitre link : CVE-2020-13851

CVE.ORG link : CVE-2020-13851


JSON object : View

Products Affected

pandorafms

  • pandora_fms
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')