Vulnerability Details CVE-2020-22159
EVERTZ devices 3080IPX exe-guest-v1.2-r26125, 7801FC 1.3 Build 27, and 7890IXG V494 are vulnerable to Arbitrary File Upload, allowing an authenticated attacker to upload a webshell or overwrite any critical system files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.2%
CVSS Severity
CVSS v3 Score 8.8
References
- https://cacharros-inthewild.blogspot.com/2023/07/the-3080ipx-is-integrated-multicast.html
- https://sku11army.blogspot.com/2020/02/evertz-path-transversal-arbitrary-file.html
- https://cacharros-inthewild.blogspot.com/2023/07/the-3080ipx-is-integrated-multicast.html
- https://sku11army.blogspot.com/2020/02/evertz-path-transversal-arbitrary-file.html
Products affected by CVE-2020-22159
-
cpe:2.3:h:evertz:3080ipx:-
-
cpe:2.3:h:evertz:7801fc:-
-
cpe:2.3:h:evertz:7890ixg:-
-
cpe:2.3:o:evertz:3080ipx_firmware:exe-guest-v1.2-r26125
-
cpe:2.3:o:evertz:7801fc_firmware:1.3
-
cpe:2.3:o:evertz:7890ixg_firmware:v494