Security Vulnerabilities - CVEs Published In January 2020
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.
CVSS Score
3.5
EPSS Score
0.005
Published
2020-01-06
An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function without filtering, which can lead to command execution.
CVSS Score
8.8
EPSS Score
0.921
Published
2020-01-06
An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an attacker to bypass local security restrictions.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-01-06
In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses (len('255.255.255.255') == 16), but the format specifier %d allows more than 3 digits. This has been fixed in version 2.11
CVSS Score
6.5
EPSS Score
0.007
Published
2020-01-06
Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal.
CVSS Score
6.8
EPSS Score
0.008
Published
2020-01-06
Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal.
CVSS Score
6.8
EPSS Score
0.026
Published
2020-01-06
Multiple cross-site scripting (XSS) vulnerabilities in the Marked module before 0.3.1 for Node.js allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) gfm codeblocks (language) or (2) javascript url's.
CVSS Score
6.1
EPSS Score
0.006
Published
2020-01-06
On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge (adb) enablement.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-01-06
DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the Android OS.
CVSS Score
9.8
EPSS Score
0.009
Published
2020-01-06
Multiple cross-site scripting (XSS) vulnerabilities in the WP Membership plugin 1.2.3 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via unspecified (1) profile fields or (2) new post content. NOTE: CVE-2015-4038 can be used to bypass the administrator confirmation step for vector 2.
CVSS Score
5.4
EPSS Score
0.003
Published
2020-01-06