Vulnerability Details CVE-2020-14011
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured for the admin account, unless "Built-in admin" is manually unchecked. This allows command execution via the Add New Package and Scheduled Deployments features.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.475
EPSS Ranking 97.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/158205/Lansweeper-7.2-Default-Account-Remote-Code-Execution.html
- https://pastebin.com/EUkMx94X
- https://www.lansweeper.com/knowledgebase/restricting-access-to-the-web-console/
- http://packetstormsecurity.com/files/158205/Lansweeper-7.2-Default-Account-Remote-Code-Execution.html
- https://pastebin.com/EUkMx94X
- https://www.lansweeper.com/knowledgebase/restricting-access-to-the-web-console/
Products affected by CVE-2020-14011
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.19
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.22
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.42
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.45
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.48
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.51
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.63
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.64
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.65
-
cpe:2.3:a:lansweeper:lansweeper:6.0.0.6517
-
cpe:2.3:a:lansweeper:lansweeper:6.0.100.12
-
cpe:2.3:a:lansweeper:lansweeper:6.0.100.21
-
cpe:2.3:a:lansweeper:lansweeper:6.0.100.29
-
cpe:2.3:a:lansweeper:lansweeper:6.0.100.67
-
cpe:2.3:a:lansweeper:lansweeper:6.0.100.75
-
cpe:2.3:a:lansweeper:lansweeper:6.0.100.87
-
cpe:2.3:a:lansweeper:lansweeper:6.0.100.94
-
cpe:2.3:a:lansweeper:lansweeper:6.0.100.98
-
cpe:2.3:a:lansweeper:lansweeper:6.0.110.104
-
cpe:2.3:a:lansweeper:lansweeper:6.0.110.98
-
cpe:2.3:a:lansweeper:lansweeper:6.0.130.40
-
cpe:2.3:a:lansweeper:lansweeper:6.0.130.48
-
cpe:2.3:a:lansweeper:lansweeper:6.0.130.62
-
cpe:2.3:a:lansweeper:lansweeper:6.0.150.50
-
cpe:2.3:a:lansweeper:lansweeper:6.0.150.60
-
cpe:2.3:a:lansweeper:lansweeper:6.0.151.26
-
cpe:2.3:a:lansweeper:lansweeper:6.0.151.32
-
cpe:2.3:a:lansweeper:lansweeper:6.0.151.34
-
cpe:2.3:a:lansweeper:lansweeper:6.0.230.45
-
cpe:2.3:a:lansweeper:lansweeper:6.0.230.46
-
cpe:2.3:a:lansweeper:lansweeper:6.0.230.48
-
cpe:2.3:a:lansweeper:lansweeper:6.0.230.49
-
cpe:2.3:a:lansweeper:lansweeper:7.0.100.5
-
cpe:2.3:a:lansweeper:lansweeper:7.0.110.2
-
cpe:2.3:a:lansweeper:lansweeper:7.0.151.4
-
cpe:2.3:a:lansweeper:lansweeper:7.0.30.61
-
cpe:2.3:a:lansweeper:lansweeper:7.0.30.64
-
cpe:2.3:a:lansweeper:lansweeper:7.0.30.66
-
cpe:2.3:a:lansweeper:lansweeper:7.1.100.12
-
cpe:2.3:a:lansweeper:lansweeper:7.1.100.16
-
cpe:2.3:a:lansweeper:lansweeper:7.1.110.5
-
cpe:2.3:a:lansweeper:lansweeper:7.1.110.6
-
cpe:2.3:a:lansweeper:lansweeper:7.1.110.7
-
cpe:2.3:a:lansweeper:lansweeper:7.1.115.3
-
cpe:2.3:a:lansweeper:lansweeper:7.1.115.4
-
cpe:2.3:a:lansweeper:lansweeper:7.1.117.4
-
cpe:2.3:a:lansweeper:lansweeper:7.1.118.10
-
cpe:2.3:a:lansweeper:lansweeper:7.1.40.5
-
cpe:2.3:a:lansweeper:lansweeper:7.1.40.6
-
cpe:2.3:a:lansweeper:lansweeper:7.1.50.1
-
cpe:2.3:a:lansweeper:lansweeper:7.2.100.20
-
cpe:2.3:a:lansweeper:lansweeper:7.2.100.23
-
cpe:2.3:a:lansweeper:lansweeper:7.2.100.28
-
cpe:2.3:a:lansweeper:lansweeper:7.2.100.31
-
cpe:2.3:a:lansweeper:lansweeper:7.2.100.33
-
cpe:2.3:a:lansweeper:lansweeper:7.2.105.2
-
cpe:2.3:a:lansweeper:lansweeper:7.2.106.26
-
cpe:2.3:a:lansweeper:lansweeper:7.2.106.35
-
cpe:2.3:a:lansweeper:lansweeper:7.2.106.48
-
cpe:2.3:a:lansweeper:lansweeper:7.2.107.4
-
cpe:2.3:a:lansweeper:lansweeper:7.2.108.6