CVE-2020-7357

Published: Aug 6, 2020Modified: Nov 21, 2024

9.9

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.1 / Impact: 6.0

Source: NVD

Description

Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. This issue affects several branches and versions of the CMS application, including CME-SE, CMS-60, CMS-40, CMS-20, and CMS version 8.2, 8.0, and 7.5.

Affected (13)

Products: Cayintech: Cms Se Firmware, Cms Se Lxc Firmware, Cms 60 Firmware, Cms 40 Firmware, Cms 20 Firmware, Cms

6 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cayintech Cms Se Firmware	Version 11.0 19179

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Cayintech Cms Se Firmware	Version 11.0 19025

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cayintech Cms Se Firmware	Version 11.0 18325

Running on/with	Platform Versions
Cayintech Cms Se	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cayintech Cms Se Lxc Firmware	All versions

Running on/with	Platform Versions
Cayintech Cms Se Lxc	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cayintech Cms 60 Firmware	Version 11.0 19025

Running on/with	Platform Versions
Cayintech Cms 60	All versions

Configuration F

1 vulnerable

Vulnerable Software	Affected Versions
Cayintech Cms 40 Firmware	Version 9.0 14197

Configuration G

1 vulnerable

Vulnerable Software	Affected Versions
Cayintech Cms 40 Firmware	Version 9.0 14199

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cayintech Cms 40 Firmware	Version 9.0 14093

Running on/with	Platform Versions
Cayintech Cms 40	All versions

Configuration I

1 vulnerable

Vulnerable Software	Affected Versions
Cayintech Cms 20 Firmware	Version 9.0 14197

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cayintech Cms 20 Firmware	Version 9.0 14092

Running on/with	Platform Versions
Cayintech Cms 20	All versions

Configuration K

3 vulnerable

Vulnerable Software	Affected Versions
Cayintech Cms	Version 7.5 11175
Cayintech Cms	Version 8.0 11175
Cayintech Cms	Version 8.2 12199

Related CWEs

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (6)

https://exchange.xforce.ibmcloud.com/vulnerabilities/182925

Source: cve@rapid7.com

Third Party AdvisoryVDB Entry

https://github.com/rapid7/metasploit-framework/pull/13607

Source: cve@rapid7.com

ExploitPatch

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5570.php

Source: cve@rapid7.com

ExploitThird Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/182925

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://github.com/rapid7/metasploit-framework/pull/13607

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5570.php

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.