CVE-2019-15020

Critical

A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could allow an attacker to supply an invalid…

palo_alto·CWE-346·Published 2019-10-09

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

221 chars

A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could allow an attacker to supply an invalid software update image to the Zingbox Inspector that could result in command injection.

NVDen

221 chars

NVDes

261 chars

Se presenta una vulnerabilidad de seguridad en Zingbox Inspector, versiones 1.293 y anteriores, que podría permitir a un atacante suministrar una imagen de actualización de software no válida al Zingbox Inspector que podría resultar en la inyección de comandos.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H