CVE-2020-24032

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 18/08/2020 Updated: 06/12/2022

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xorux stor2rrd 2.7.0
xorux lpar2rrd 2.7.0

CVE-2020-24032 [Suggested description] tzpl on XoruX LPAR2RRD and STOR2RRD 270 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone [VulnerabilityType Other] OS command injection [Vendor of Product] XoruX sro [Affected Product Code Base] LPAR2RRD and STOR2RRD Virtual Appliance version - 270 [Attack Type] Remote [Impact

CWE-78 https://www.stor2rrd.com/download.php https://pastebin.com/dHhawgx8 https://pastebin.com/G8981Fj8 https://nvd.nist.gov https://github.com/jet-pentest/CVE-2020-24032

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-24032

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect