Arbitrary Command Execution via SNMP WRITE Access to EXTEND MIB in Net-SNMP 5.8

Arbitrary Command Execution via SNMP WRITE Access to EXTEND MIB in Net-SNMP 5.8

CVE-2020-15862 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

Learn more about our Web Application Penetration Testing UK.