Vulnerabilities > CVE-2020-28250 - Unspecified vulnerability in Cellinx NVT web Server 5.0.0.014B

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

cellinx

critical

NVD

Published: 2020-11-06

Updated: 2020-11-19

Summary

Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side.

Vulnerable Configurations

Part	Description	Count
Application	Cellinx Cellinx NVT WEB Server 5.0.0.014B	1

References

https://github.com/summtime/CVE/tree/master/CVE-2020-28250