Command Injection Vulnerability in GaussDB 200 (Version 6.5.1)

Command Injection Vulnerability in GaussDB 200 (Version 6.5.1)

CVE-2020-1811 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

GaussDB 200 with version of 6.5.1 have a command injection vulnerability. Due to insufficient input validation, remote attackers with low permissions could exploit this vulnerability by sending crafted commands to the affected device. Successful exploit could allow an attacker to execute commands.

Learn more about our Web Application Penetration Testing UK.