CVE-2020-36529

Description

A vulnerability classified as critical has been found in SevOne Network Management System up to 5.7.2.22. This affects the file traceroute.php of the Traceroute Handler. The manipulation leads to privilege escalation with a command injection. It is possible to initiate the attack remotely.

References

Third Party AdvisoryVDB Entry
ExploitMailing ListThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

COMPLETE

AvailabilityImpact

COMPLETE

IntegrityImpact

COMPLETE

BaseScore

8.5

VectorString

AV:N/AC:M/Au:S/C:C/I:C/A:C

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE