Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2020-22002
HistoryApr 29, 2021 - 2:22 p.m.

CVE-2020-22002

2021-04-2914:22:20
mitre
www.cve.org
4
ssrf
inim electronics
smartlan/g/si
vulnerability
http request

EPSS

0.005

Percentile

75.9%

JSON

An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI <=6.x within the GetImage functionality. The application parses user supplied data in the GET parameter β€˜host’ to construct an image request to the service through onvif.cgi. Since no validation is carried out on the parameter, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host.

Related

zeroscience 1
nvd 1
cve 1
prion 1
zeroscience
zeroscience
Inim Electronics Smartliving SmartLAN/G/SI <=6.x Unauthenticated SSRF
2019-12-09 00:00:00
nvd
nvd
CVE-2020-22002
2021-04-29 15:15:10
cve
cve
CVE-2020-22002
2021-04-29 15:15:10
prion
prion
Server side request forgery (ssrf)
2021-04-29 15:15:00

EPSS

0.005

Percentile

75.9%

JSON
Related for CVELIST:CVE-2020-22002
zeroscience1nvd1cve1prion1