CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-12737

An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.5%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://gist.github.com/escaped-com/83d89a05067c62e95992d42bbfa58933
https://www.maxum.com/Rumpus/Overview.html
https://gist.github.com/escaped-com/83d89a05067c62e95992d42bbfa58933
https://www.maxum.com/Rumpus/Overview.html

Products affected by CVE-2020-12737

Maxum » Rumpus » Version: Any

cpe:2.3:a:maxum:rumpus:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-12737

Products

Pricing

Contact Us