Vulnerabilities > CVE-2020-28250 - Unspecified vulnerability in Cellinx NVT web Server 5.0.0.014B

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

cellinx

critical

NVD

Published: 2020-11-06

Updated: 2020-11-19

Summary

Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side.

Vulnerable Configurations

Part	Description	Count
Application	Cellinx Cellinx NVT WEB Server 5.0.0.014B	1

References

https://github.com/summtime/CVE/tree/master/CVE-2020-28250