PT-2020-17042 · Netskope · Netskope

Aamir Rehman Yousafzai

Published

2020-11-20

Updated

2020-12-09

CVE-2020-28845

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Netskope version 75.0

Description A CSV injection vulnerability in the Admin portal allows an unauthenticated user to inject a malicious payload, potentially compromising the admin's system.

Recommendations For Netskope version 75.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1236

Related Identifiers

CVE-2020-28845

Affected Products

Netskope

PT-2020-17042 · Netskope · Netskope

CVE-2020-28845

Weakness Enumeration

Related Identifiers

Affected Products

References · 6