Security Advisory

CVE-2020-36910

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-06 15:52:22

Last updated 2026-01-06 19:32:13

Assigner VulnCheck

State PUBLISHED

Description

Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard_system.cgi pages. Attackers can exploit the NTP_Server_IP parameter with default credentials to execute arbitrary shell commands as root.

← Browse all CVEs View on cve.org ↗