Vulnerability Details CVE-2020-8963
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the t3.cgi srmodel or srtime parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.033
EPSS Ranking 86.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2020-8963
-
cpe:2.3:h:timetoolsltd:sc7105:-
-
cpe:2.3:h:timetoolsltd:sc9205:-
-
cpe:2.3:h:timetoolsltd:sc9705:-
-
cpe:2.3:h:timetoolsltd:sr7110:-
-
cpe:2.3:h:timetoolsltd:sr9210:-
-
cpe:2.3:h:timetoolsltd:sr9750:-
-
cpe:2.3:h:timetoolsltd:sr9850:-
-
cpe:2.3:h:timetoolsltd:t100:-
-
cpe:2.3:h:timetoolsltd:t300:-
-
cpe:2.3:h:timetoolsltd:t550:-
-
cpe:2.3:o:timetoolsltd:sc7105_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sc9205_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sc9705_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sr7110_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sr9210_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sr9750_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:sr9850_firmware:1.0.007
-
cpe:2.3:o:timetoolsltd:t100_firmware:1.0.003
-
cpe:2.3:o:timetoolsltd:t300_firmware:1.0.003
-
cpe:2.3:o:timetoolsltd:t550_firmware:1.0.003