An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-23T15:12:03
Updated: 2024-08-04T16:55:10.357Z
Reserved: 2020-12-04T00:00:00
Link: CVE-2020-29552
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-12-23T16:15:12.640
Modified: 2024-11-21T05:24:11.280
Link: CVE-2020-29552
Redhat
No data.