Vulnerability Details CVE-2020-9021
Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system commands through timeconfig.py via shell metacharacters in the htmlNtpServer parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2020-9021
-
cpe:2.3:h:postoaktraffic:awam_bluetooth_field_device:-
-
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:2011.3
-
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:7400v2.02.01.2019
-
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:7400v2.08.21.2018
-
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:7800sd.2012.12.5
-
cpe:2.3:o:postoaktraffic:awam_bluetooth_field_device_firmware:7800sd.2015.1.16