CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-29659

A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.034

EPSS Ranking 86.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://fluidattacks.com/advisories/prine/
https://www.dupscout.com
https://www.exploit-db.com/exploits/49217
https://fluidattacks.com/advisories/prine/
https://www.dupscout.com
https://www.exploit-db.com/exploits/49217

Products affected by CVE-2020-29659

Flexense » Dupscout » Version: 10.0.18

cpe:2.3:a:flexense:dupscout:10.0.18

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29659

Products

Pricing

Contact Us