CVE-2020-7361 – The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in …

6 August 2020

Vuln ID: CVE-2020-7361

Published: 2020-08-06 16:15:13Z

Description: The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its ‘/pro/repo-create.html’ component. After authenticating to the ZenTao dashboard, attackers may construct and send arbitrary OS commands via the POST parameter ‘path’, and those commands will run in an elevated SYSTEM context on the underlying Windows operating system.

Source: NVD.NIST.GOV

Date:

6 August 2020

Categorie(s):

NVD

Tag(s):

NVD

NinjaOne platform enhancements help security teams identify potential vulnerabilities6 May 2024
What Are The Best Free VPN Services For Ukraine?6 May 2024
BlackBasta claims Synlab attack, leaks some stolen documents6 May 2024
Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components6 May 2024
Change Healthcare Ransomware Attack: A chronological timeline6 May 2024