Lucene search
GoogleOSV:CVE-2020-14947HistoryJun 30, 2020 - 9:15 p.m.
CVE-2020-14947
2020-06-3021:15:11
Google
osv.dev
4
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.
References
packetstormsecurity.com/files/158293/OCS-Inventory-NG-2.7-Remote-Code-Execution.html
drive.google.com/file/d/1-LVfL5ui5m2QfQxr0fDopzSECd4fTNrQ/view?usp=sharing
gist.github.com/mhaskar/233436d3096d4a7beafe36ff61dc2c73
github.com/OCSInventory-NG/OCSInventory-ocsreports/commit/da72e0fddaeceee44fbbd7241e07e5d53d1eee64
shells.systems/ocs-inventory-ng-v2-7-remote-command-execution-cve-2020-14947/
Related
openvas
openvas
OCS Inventory NG < 2.9 RCE Vulnerability
2020-07-03 00:00:00
githubexploit
githubexploit
packetstorm
packetstorm
OCS Inventory NG 2.7 Remote Code Execution
2020-07-03 00:00:00
checkpoint_advisories
checkpoint_advisories
OCS Inventory NG CommandLine.php Command Injection (CVE-2020-14947)
2020-09-05 00:00:00
prion
prion
Design/Logic Flaw
2020-06-30 21:15:00
cve
cve
CVE-2020-14947
2020-06-30 21:15:11
ubuntucve
ubuntucve
CVE-2020-14947
2020-06-30 00:00:00
debiancve
debiancve
CVE-2020-14947
2020-06-30 21:15:11
exploitdb
exploitdb
OCS Inventory NG 2.7 - Remote Code Execution
2020-07-02 00:00:00
nvd
nvd
CVE-2020-14947
2020-06-30 21:15:11
cvelist
cvelist
CVE-2020-14947
2020-06-30 20:44:34
zdt
zdt
OCS Inventory NG 2.7 - Remote Code Execution Exploit
2020-07-02 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - October 2020
2020-10-13 23:25:39