PT-2019-5738 · Lifesize · Gateone

Glzjin

Publicado

2019-08-29

Atualizado

2021-07-21

CVE-2020-20184

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions GateOne (affected versions not specified)

Description The issue is related to insufficient input validation in the terminal emulator and SSH client, GateOne. This allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-78

Identificadores relacionados

BDU:2021-01242

CVE-2020-20184

Produtos afetados

Gateone

PT-2019-5738 · Lifesize · Gateone

CVE-2020-20184

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7