Security Vulnerabilities - CVEs Published In March 2020
Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi.
CVSS Score
8.8
EPSS Score
0.652
Published
2020-03-05
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.
CVSS Score
8.8
EPSS Score
0.594
Published
2020-03-05
An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-03-05
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter.
CVSS Score
7.8
EPSS Score
0.927
Published
2020-03-05
CVE-2019-20500
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.
Known exploited
CVSS Score
7.8
EPSS Score
0.937
Published
2020-03-05
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.cgi?action=upgrade firmwareRestore or firmwareServerip parameter.
CVSS Score
7.8
EPSS Score
0.258
Published
2020-03-05
Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tproject_id parameter to keywordsView.php; the (2) req_spec_id parameter to reqSpecCompareRevisions.php; the (3) requirement_id parameter to reqCompareVersions.php; the (4) build_id parameter to planUpdateTC.php; the (5) tplan_id parameter to newest_tcversions.php; the (6) tplan_id parameter to tcCreatedPerUserGUI.php; the (7) tcase_id parameter to tcAssign2Tplan.php; or the (8) testcase_id parameter to tcCompareVersions.php. Authentication is often easy to achieve: a guest account, that can execute this attack, can be created by anyone in the default configuration.
CVSS Score
8.8
EPSS Score
0.018
Published
2020-03-05
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. The SQL injection allows to dump the MySQL database and to bypass the login prompt.
CVSS Score
9.8
EPSS Score
0.001
Published
2020-03-05
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-03-05
HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking.
CVSS Score
9.1
EPSS Score
0.003
Published
2020-03-05