04 Mai 2021
Vulnérabilité CVE-2020-21999 CVE Vulnerability
iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script. (CVSS:0.0) (Last Update:2021-05-04)
Vulnerability Details : iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script. Publish Date : 2021-05-04 Last Update Date : 2021-05-04 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2020-21999
- References For CVE-2020-21999
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2020-21999There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |