Skip to main content
CVE-2020-11542 CRITICAL POC Act Now

3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Infinias Eidc32 Firmware Infinias Eidc32 Web
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2020-11518 CRITICAL Act Now

Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zoho RCE Manageengine Adselfservice Plus
NVD
CVSS 3.1
9.8
EPSS
18.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy