There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-07-24T00:58:51
Updated: 2024-08-04T13:30:23.202Z
Reserved: 2020-07-24T00:00:00
Link: CVE-2020-15920
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-07-24T01:15:11.940
Modified: 2023-01-20T20:44:41.787
Link: CVE-2020-15920
Redhat
No data.