Vulnerabilities > Secudos > Domos

DATE CVE VULNERABILITY TITLE RISK
2020-10-02 CVE-2020-14293 OS Command Injection vulnerability in Secudos Domos 5.6/5.6.1/5.8
conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).
network
high complexity
secudos CWE-78
7.5
7.5
2019-11-02 CVE-2019-18665 Path Traversal vulnerability in Secudos Domos
The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion.
network
low complexity
secudos CWE-22
7.5
7.5
2019-11-02 CVE-2019-18664 Cross-site Scripting vulnerability in Secudos Domos
The Log module in SECUDOS DOMOS before 5.6 allows XSS.
network
low complexity
secudos CWE-79
5.4
5.4