An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-12-23T15:12:03

Updated: 2024-08-04T16:55:10.357Z

Reserved: 2020-12-04T00:00:00

Link: CVE-2020-29552

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-23T16:15:12.640

Modified: 2024-11-21T05:24:11.280

Link: CVE-2020-29552

cve-icon Redhat

No data.