PT-2020-18600 · Infocage · Infocage Siteshell

Published: 2020-10-06 · Updated: 2020-10-22 · CVE-2020-5632

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

InfoCage SiteShell series versions 1.4 through 1.6
InfoCage SiteShell series versions prior to 2.0.0.6
InfoCage SiteShell series versions prior to 2.1.0.7
InfoCage SiteShell series versions prior to 2.1.1.6
InfoCage SiteShell series versions prior to 3.0.0.11
InfoCage SiteShell series versions prior to 4.0.0.6
InfoCage SiteShell series versions prior to 4.1.0.5
InfoCage SiteShell series versions prior to 4.2.0.1

Description

The issue allows authenticated attackers to bypass access restrictions and execute arbitrary code with elevated privileges via specially crafted executable files.

Recommendations

For versions 1.4 through 1.6, consider disabling the execution of arbitrary code until a patch is available.
For versions prior to 2.0.0.6, restrict access to sensitive areas to minimize the risk of exploitation.
For versions prior to 2.1.0.7, avoid using specially crafted executable files in the affected software until the issue is resolved.
For versions prior to 2.1.1.6, consider implementing additional access controls to prevent bypassing of access restrictions.
For versions prior to 3.0.0.11, restrict the execution of elevated privilege code to minimize the risk of exploitation.
For versions prior to 4.0.0.6, consider disabling the vulnerable functionality until a patch is available.
For versions prior to 4.1.0.5, avoid using the affected software with elevated privileges until the issue is resolved.
For versions prior to 4.2.0.1, restrict access to the affected software to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2020-5632

Affected Products

Infocage Siteshell