CVE-2021-20623

Critical

Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a…

jpcert·CWE-319·Published 2021-02-05

CVSS

9.8

EPSS

0.03

KEV

Exploits

cve.orgen

161 chars

Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.

NVDen

161 chars

Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.

Video Insight VMS versiones anteriores a 7.8, permiten a un atacante remoto ejecutar código arbitrario con privilegios del usuario system mediante el envío de una petición especialmente diseñada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H