Arbitrary File Creation and Command Execution Vulnerability in CAMS for HIS CENTUM CS 3000, CENTUM VP, B/M9000CS, and B/M9000 VP

Arbitrary File Creation and Command Execution Vulnerability in CAMS for HIS CENTUM CS 3000, CENTUM VP, B/M9000CS, and B/M9000 VP

CVE-2020-5609 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.