← back
CVE-2020-5844

CVE-2020-5844

EPSS 30.3%
index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020.
Affected products
n/a · n/a
public PoCs found4
githubgithub.com/UNICORDev/exploit-CVE-2020-58447githubgithub.com/TheCyberGeek/CVE-2020-58444exploitdbwww.exploit-db.com/exploits/50961unverifiedcve_referencepacketstormsecurity.com/files/167503/Pandora-FMS-7.0NG.742-Remote-Code-Execution.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/167503/Pandora-FMS-7.0NG.742-Remote-Code-Execution.htmlhttps://github.com/TheCyberGeek/CVE-2020-5844https://pandorafms.com