Security Advisory

CVE-2020-11920

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-08 01:43:04

Last updated 2024-08-04 11:42:00

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection vulnerability resides in the HOST/IP section of the NFS settings menu in the webserver running on the device. By injecting Bash commands via shell metacharacters here, the device executes arbitrary code with root privileges (all of the devices services are running as root).

← Browse all CVEs View on cve.org ↗