Vulnerability Details CVE-2020-29311
Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.085
EPSS Ranking 91.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://drive.google.com/file/d/1iLMFSbY8x1CXIf0uFntovY6yZ7N24dQA/view?usp=sharing
- https://drive.google.com/file/d/1smOjvenPB-nE0PyIxnfujCT4KcxxkeWV/view?usp=sharing
- https://gist.github.com/mhaskar/bfa9c2c799fca6697bcc6a213d08cb3e
- https://drive.google.com/file/d/1iLMFSbY8x1CXIf0uFntovY6yZ7N24dQA/view?usp=sharing
- https://drive.google.com/file/d/1smOjvenPB-nE0PyIxnfujCT4KcxxkeWV/view?usp=sharing
- https://gist.github.com/mhaskar/bfa9c2c799fca6697bcc6a213d08cb3e