Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping.
References
Link | Resource |
---|---|
https://github.com/0xedh/someshit/blob/master/CVE-2020-6760.md | Exploit Third Party Advisory |
https://github.com/0xedh/someshit/blob/master/CVE-2020-6760.md | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 05:36
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/0xedh/someshit/blob/master/CVE-2020-6760.md - Exploit, Third Party Advisory |
Information
Published : 2020-02-06 21:15
Updated : 2024-11-21 05:36
NVD link : CVE-2020-6760
Mitre link : CVE-2020-6760
CVE.ORG link : CVE-2020-6760
JSON object : View
Products Affected
schmid-telecom
- zi_620_v400_firmware
- zi_620_v400
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')