CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35710

Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the attacker's client for use as a "host" value. In other words, after an attacker's web browser sent a request to the login form, it would automatically send a second request to a RASHTML5Gateway/socket.io URI with something like "host":"192.168.###.###" in the POST data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.4%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://twitter.com/amadapa/status/1342407005110218753
https://www.elladodelmal.com/2020/12/blue-team-red-team-como-parallels-ras.html
https://twitter.com/amadapa/status/1342407005110218753
https://www.elladodelmal.com/2020/12/blue-team-red-team-como-parallels-ras.html

Products affected by CVE-2020-35710

Parallels » Remote Application Server » Version: 18.0

cpe:2.3:a:parallels:remote_application_server:18.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35710

Products

Pricing

Contact Us