Arbitrary Command Execution in Secudos DOMOS 5.8 via Shell Metacharacters in conf_datetime Zone Field
CVE-2020-14293 · HIGH Severity
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).
Learn more about our Web App Pen Testing.