Vulnerability Details CVE-2020-22724
A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.237
EPSS Ranking 95.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://cwe.mitre.org/data/definitions/78.html
- https://github.com/DarkEyeR/CVE_Apply/blob/master/Mercury/Mercury%20MER1200%20Router%20v1.0.1%20RCE%20%20.md
- https://cwe.mitre.org/data/definitions/78.html
- https://github.com/DarkEyeR/CVE_Apply/blob/master/Mercury/Mercury%20MER1200%20Router%20v1.0.1%20RCE%20%20.md
Products affected by CVE-2020-22724
-
cpe:2.3:h:mercury:mer1200:-
-
cpe:2.3:h:mercury:mer1200g:-
-
cpe:2.3:o:mercury:mer1200_firmware:1.0.1
-
cpe:2.3:o:mercury:mer1200g_firmware:1.0.1