Lucene search
MitreCVELIST:CVE-2020-24916HistorySep 09, 2020 - 6:10 p.m.
CVE-2020-24916
2020-09-0918:10:25
mitre
www.cve.org
7
yaws web server
cgi
os command injection
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection.
References
github.com/erlyaws/yaws/commits/master
github.com/vulnbe/poc-yaws-cgi-shell-injection
lists.debian.org/debian-lts-announce/2020/09/msg00022.html
packetstormsecurity.com/files/159106/Yaws-2.0.7-XML-Injection-Command-Injection.html
usn.ubuntu.com/4569-1/
vuln.be/post/yaws-xxe-and-shell-injections/
www.debian.org/security/2020/dsa-4773
Related
nvd
nvd
CVE-2020-24916
2020-09-09 19:15:21
ubuntucve
ubuntucve
CVE-2020-24916
2020-09-09 00:00:00
osv
osv
CVE-2020-24916
2020-09-09 19:15:21
yaws - security update
2020-09-26 00:00:00
yaws vulnerabilities
2020-10-05 13:32:55
redhatcve
redhatcve
CVE-2020-24916
2022-05-21 00:04:50
cve
cve
CVE-2020-24916
2020-09-09 19:15:21
prion
prion
Command injection
2020-09-09 19:15:00
debiancve
debiancve
CVE-2020-24916
2020-09-09 19:15:21
debian
debian
[SECURITY] [DLA 2384-1] yaws security update
2020-09-26 16:00:58
[SECURITY] [DSA 4773-1] yaws security update
2020-10-16 21:55:11
[SECURITY] [DSA 4773-1] yaws security update
2020-10-16 21:55:11
ubuntu
ubuntu
Yaws vulnerabilities
2020-10-05 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4569-1)
2020-10-06 00:00:00
Debian: Security Advisory (DSA-4773-1)
2020-10-17 00:00:00
Debian: Security Advisory (DLA-2384-1)
2020-09-27 00:00:00
nessus
nessus
Debian DSA-4773-1 : yaws - security update
2020-10-19 00:00:00
Ubuntu 18.04 LTS : Yaws vulnerabilities (USN-4569-1)
2020-10-05 00:00:00
Debian DLA-2384-1 : yaws security update
2020-09-28 00:00:00
packetstorm
packetstorm
Yaws 2.0.7 XML Injection / Command Injection
2020-09-08 00:00:00
archlinux
archlinux
[ASA-202009-14] yaws: multiple issues
2020-09-26 00:00:00
checkpoint_advisories
checkpoint_advisories