CVE-2020-8260

CVSS 7.2 HIGH · EPSS 96.5% · KEV · CWE-434
In short

An authenticated attacker can execute arbitrary code on Pulse Connect Secure versions before 9.1R9 by exploiting improper handling of gzip-compressed files in the admin interface. This allows complete system compromise by an insider or someone with valid credentials.

Technical detail

CVE-2020-8260 is a CWE-434 (Unrestricted Upload of File with Dangerous Type) vulnerability in Pulse Connect Secure's admin web interface that permits authenticated attackers to achieve remote code execution via uncontrolled gzip extraction. The attack requires valid authentication credentials and exploits insufficient validation of decompressed file content, leading to arbitrary code execution with application privileges.

Summary generated and translated by AI from the official description.
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
