← back
CVE-2020-11817

CVE-2020-11817

EPSS 2.0%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Apr 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server just changing the the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs with the Maintenance Mode setting.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fatihhcelik.blogspot.com/2020/01/rukovoditel-maintenance-mode.html