Vulnerability Details CVE-2020-8963
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the t3.cgi srmodel or srtime parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 83.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2020-8963
-
cpe:2.3:h:timetoolsltd:sc7105:-
-
cpe:2.3:h:timetoolsltd:sc9205:-
-
cpe:2.3:h:timetoolsltd:sc9705:-
-
cpe:2.3:h:timetoolsltd:sr7110:-
-
cpe:2.3:h:timetoolsltd:sr9210:-
-
cpe:2.3:h:timetoolsltd:sr9750:-
-
cpe:2.3:h:timetoolsltd:sr9850:-
-
cpe:2.3:h:timetoolsltd:t100:-
-
cpe:2.3:h:timetoolsltd:t300:-
-
cpe:2.3:h:timetoolsltd:t550:-
-
cpe:2.3:o:timetoolsltd:sc7105_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sc9205_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sc9705_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sr7110_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sr9210_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sr9750_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sr9850_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:t100_firmware:1.0.003
-
cpe:2.3:o:timetoolsltd:t300_firmware:1.0.003
-
cpe:2.3:o:timetoolsltd:t550_firmware:1.0.003