Remote Code Execution Vulnerability in Schmid ZI 620 V400 VPN 090 Routers via SSH Subcommand Menu

CVE-2020-6760 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping.

Learn more about our Web Application Penetration Testing UK.