Vulnerability Details CVE-2020-17384
Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulate the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.7%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 9.0
References
Products affected by CVE-2020-17384
-
cpe:2.3:o:cellopoint:cellos:4.1.10