ГлавнаяУязвимости → CVE-2020-37027
9.8критическая

CVE-2020-37027

Описание

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the vulnerable Sickbeard installation.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/midgetspy/Sick-Beardhttps://web.archive.org/web/20190722085652/https://sickbeard.com/https://www.exploit-db.com/exploits/48646https://www.vulncheck.com/advisories/sickbeard-remote-command-injection