CVE-2020-8949 : Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3.0.17193, S

Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3.0.17193, S3A K2P MTK 4.2.7.16528, S3A 4.3.0.16572, and ISP3000 4.3.0.17190 devices allows remote attackers to execute arbitrary OS commands via shell metacharacters in a ping operation, as demonstrated by the cgi-bin/webui/admin/tools/app_ping/diag_ping/; substring.

Published 2020-02-12 19:15:14

Updated 2020-02-25 13:36:12

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2020-8949

Gocloud » S2a Wl Firmware » Version: 4.2.7.16471
cpe:2.3:o:gocloud:s2a_wl_firmware:4.2.7.16471:*:*:*:*:*:*:*
Matching versions
When used together with: Gocloud » S2a Wl » Version: N/A
Gocloud » S2a Firmware » Version: 4.2.7.17278
cpe:2.3:o:gocloud:s2a_firmware:4.2.7.17278:*:*:*:*:*:*:*
Matching versions
When used together with: Gocloud » S2A » Version: N/A
Gocloud » S2a Firmware » Version: 4.3.0.15815
cpe:2.3:o:gocloud:s2a_firmware:4.3.0.15815:*:*:*:*:*:*:*
Matching versions
When used together with: Gocloud » S2A » Version: N/A
Gocloud » S2a Firmware » Version: 4.3.0.17193
cpe:2.3:o:gocloud:s2a_firmware:4.3.0.17193:*:*:*:*:*:*:*
Matching versions
When used together with: Gocloud » S2A » Version: N/A
Gocloud » S3a K2p Mtk Firmware » Version: 4.2.7.16528
cpe:2.3:o:gocloud:s3a_k2p_mtk_firmware:4.2.7.16528:*:*:*:*:*:*:*
Matching versions
When used together with: Gocloud » S3a K2p Mtk » Version: N/A
Gocloud » S3a Firmware » Version: 4.3.0.16572
cpe:2.3:o:gocloud:s3a_firmware:4.3.0.16572:*:*:*:*:*:*:*
Matching versions
When used together with: Gocloud » S3A » Version: N/A
Gocloud » Isp3000 Firmware » Version: 4.3.0.17190
cpe:2.3:o:gocloud:isp3000_firmware:4.3.0.17190:*:*:*:*:*:*:*
Matching versions
When used together with: Gocloud » Isp3000 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-8949

EPSS FAQ

4.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 88 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-8949

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C	8.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-8949

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-8949

https://sku11army.blogspot.com/2020/02/gocloud-rce-in-gocloud-routers.html

[GOCLOUD] - RCE in Gocloud Routers (authenticated) - (CVE-2020-8949) ~ Skull Army
Exploit;Third Party Advisory

Jump to

Vulnerability Details : CVE-2020-8949

Products affected by CVE-2020-8949

Exploit prediction scoring system (EPSS) score for CVE-2020-8949

CVSS scores for CVE-2020-8949

CWE ids for CVE-2020-8949

References for CVE-2020-8949