← back
CVE-2020-13448

CVE-2020-13448

EPSS 17.8%
QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 allows an authenticated remote attacker to execute code on the server via command injection in the servicestart parameter.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/157898/QuickBox-Pro-2.1.8-Remote-Code-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48536unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/157898/QuickBox-Pro-2.1.8-Remote-Code-Execution.htmlhttps://s1gh.sh/cve-2020-13448-quickbox-authenticated-rce/