Vulnerability Details CVE-2020-8797
Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call (aka Command Line Injection), if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.3%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 6.9
Products affected by CVE-2020-8797
-
cpe:2.3:h:juplink:rx4-1500:-
-
cpe:2.3:o:juplink:rx4-1500_firmware:1.0.3