Skip to main content

Domos

3 CVEs product

Monthly

CVE-2020-14293 HIGH POC This Week

conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Command Injection Domos
NVD GitHub
CVSS 3.1
7.5
EPSS
5.3%
CVE-2019-18665 HIGH POC THREAT This Week

The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Domos
NVD
CVSS 3.1
7.5
EPSS
14.9%
CVE-2019-18664 MEDIUM POC This Month

The Log module in SECUDOS DOMOS before 5.6 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Domos
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 5% CVSS 7.5
HIGH POC This Week

conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Command Injection Domos
NVD GitHub
EPSS 15% CVSS 7.5
HIGH POC THREAT This Week

The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Domos
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Log module in SECUDOS DOMOS before 5.6 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Domos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy