CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-11490

Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the index.cgi cert_issuer, cert_division, cert_organization, cert_locality, cert_state, cert_country, or cert_email parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.0%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 9.0

References

http://code610.blogspot.com/2020/03/pentesting-zen-load-balancer-quick.html
https://github.com/c610/tmp/blob/master/zenload4patreons.zip
http://code610.blogspot.com/2020/03/pentesting-zen-load-balancer-quick.html
https://github.com/c610/tmp/blob/master/zenload4patreons.zip

Products affected by CVE-2020-11490

Zevenet » Zen Load Balancer » Version: 3.10.1

cpe:2.3:a:zevenet:zen_load_balancer:3.10.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11490

Products

Pricing

Contact Us