CVE-2020-6760

Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:schmid-telecom:zi_620_v400_firmware:090:*:*:*:*:*:*:*
cpe:2.3:h:schmid-telecom:zi_620_v400:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:36

Type Values Removed Values Added
References () https://github.com/0xedh/someshit/blob/master/CVE-2020-6760.md - Exploit, Third Party Advisory () https://github.com/0xedh/someshit/blob/master/CVE-2020-6760.md - Exploit, Third Party Advisory

Information

Published : 2020-02-06 21:15

Updated : 2024-11-21 05:36


NVD link : CVE-2020-6760

Mitre link : CVE-2020-6760

CVE.ORG link : CVE-2020-6760


JSON object : View

Products Affected

schmid-telecom

  • zi_620_v400_firmware
  • zi_620_v400
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')