Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cms\-Se\-Lxc_firmware
(Cayintech)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 1 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-08-06 | CVE-2020-7357 | Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. This issue affects several branches and versions of the CMS application, including CME-SE, CMS-60, CMS-40, CMS-20, and CMS version 8.2, 8.0, and 7.5. | Cms, Cms\-20_firmware, Cms\-40_firmware, Cms\-60_firmware, Cms\-Se\-Lxc_firmware, Cms\-Se_firmware | 9.9 |