ГлавнаяУязвимости → CVE-2020-8007
9.8критическая

CVE-2020-8007

Описание

The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2) is vulnerable to OS command injection via three fields of the configuration menu for ntpserver0, ntpserver1, and pingip.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://circontrol.com/intelligent-charging-solutions/dc-chargers-series/raption-150/https://seclists.org/fulldisclosure/2024/Mar/33http://seclists.org/fulldisclosure/2024/Mar/33