PT-2021-10497 · Unknown · White Shark System

Published

2021-06-21

Updated

2021-06-23

CVE-2020-20471

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: White Shark System (WSS) version 1.3.2

Description: The issue allows remote attackers to exploit an unauthorized access vulnerability in the default user edit.php file to escalate to admin privileges.

Recommendations: For White Shark System (WSS) version 1.3.2, consider restricting access to the default user edit.php file until a patch is available. As a temporary workaround, limit the privileges of users who can access this file to minimize the risk of exploitation.

Exploit

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2020-20471

Affected Products

White Shark System

PT-2021-10497 · Unknown · White Shark System

CVE-2020-20471

Weakness Enumeration

Related Identifiers

Affected Products

References · 5