Command Injection Vulnerability in QuickBox Community and Pro Editions

Command Injection Vulnerability in QuickBox Community and Pro Editions

CVE-2020-13448 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 allows an authenticated remote attacker to execute code on the server via command injection in the servicestart parameter.

Learn more about our Cis Benchmark Audit For Server Software.