Security Advisory

CVE-2020-25755

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-16 18:27:47

Last updated 2024-08-04 15:40:36

Assigner mitre

State PUBLISHED

Description

An issue was discovered on Enphase Envoy R3.x and D4.x (and other current) devices. The upgrade_start function in /installer/upgrade_start allows remote authenticated users to execute arbitrary commands via the force parameter.

← Browse all CVEs View on cve.org ↗