CVE-2020-6760
Published Feb 6, 2020
Last updated 5 years ago
Overview
- Description
- Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-78
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schmid-telecom:zi_620_v400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CA3628E4-BD24-4C13-A190-34EB1C5A985E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schmid-telecom:zi_620_v400_firmware:090:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27B9E6E9-4A8A-4F2E-BA75-819B53E667A1"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]