An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmap_binary parameter to lilac/autodiscovery.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-10-29T18:26:48
Updated: 2024-08-04T16:25:43.889Z
Reserved: 2020-10-27T00:00:00
Link: CVE-2020-27887
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-10-29T19:15:14.380
Modified: 2021-02-23T15:07:50.767
Link: CVE-2020-27887
Redhat
No data.