PT-2023-11612 · Evertz · Evertz 3080Ipx+2
Linuxmonr4 · Published 2023-07-18 · Updated 2023-07-28 · CVE-2020-22159
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
EVERTZ devices 3080IPX version exe-guest-v1.2-r26125
EVERTZ devices 7801FC version 1.3 Build 27
EVERTZ devices 7890IXG version V494
Description
The issue allows an authenticated attacker to perform an arbitrary file upload, enabling them to upload a webshell or overwrite critical system files.
Recommendations
For EVERTZ devices 3080IPX version exe-guest-v1.2-r26125, consider restricting access to the file upload functionality until a patch is available.
For EVERTZ devices 7801FC version 1.3 Build 27, restrict access to critical system files to minimize the risk of exploitation.
For EVERTZ devices 7890IXG version V494, avoid using the vulnerable file upload feature until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Unrestricted File Upload
Affected Products
Evertz 3080Ipx
Evertz 7801Fc
Evertz 7890Ixg