CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24849

A remote code execution vulnerability is identified in FruityWifi through 2.4. Due to improperly escaped shell metacharacters obtained from the POST request at the page_config_adv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-17317.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.049

EPSS Ranking 89.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2020-24849

Fruitywifi Project » Fruitywifi » Version: 2.0

cpe:2.3:a:fruitywifi_project:fruitywifi:2.0
Fruitywifi Project » Fruitywifi » Version: 2.1

cpe:2.3:a:fruitywifi_project:fruitywifi:2.1
Fruitywifi Project » Fruitywifi » Version: 2.1.1

cpe:2.3:a:fruitywifi_project:fruitywifi:2.1.1
Fruitywifi Project » Fruitywifi » Version: 2.1.2

cpe:2.3:a:fruitywifi_project:fruitywifi:2.1.2
Fruitywifi Project » Fruitywifi » Version: 2.1.3

cpe:2.3:a:fruitywifi_project:fruitywifi:2.1.3
Fruitywifi Project » Fruitywifi » Version: 2.2

cpe:2.3:a:fruitywifi_project:fruitywifi:2.2
Fruitywifi Project » Fruitywifi » Version: 2.3

cpe:2.3:a:fruitywifi_project:fruitywifi:2.3
Fruitywifi Project » Fruitywifi » Version: 2.4

cpe:2.3:a:fruitywifi_project:fruitywifi:2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24849

Products

Pricing

Contact Us