S4E

CVE-2020-8654 Scanner

Detects 'OS Command Injection' vulnerability in EyesOfNetwork affects v. 5.3.

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month 3 days

Scan only one

URL

Toolbox

-

EyesOfNetwork is a network monitoring software used for network management and security monitoring purposes. It is designed to analyze the network and provide real-time monitoring and alerting for any suspicious activity. The software is used by IT professionals and network administrators to ensure the reliability and security of the network infrastructure.

CVE-2020-8654 is a recently discovered vulnerability in EyesOfNetwork 5.3. This vulnerability enables an authenticated web user with sufficient privileges to exploit the AutoDiscovery module. An attacker can abuse the autodiscovery.php target field to run arbitrary OS commands. This can be done by sending a specially crafted request to the software.

When this vulnerability is exploited, the attacker gains unauthorized access to the network. This can lead to a variety of consequences such as unauthorized data access, data breaches, network disruption, and business downtime. The attacker can also use this exploit to execute malicious code and install backdoors, providing them with unauthorized remote access to the network.

It is important for users to take proactive measures to protect their digital assets from potential cyber threats. With the advanced features of the s4e.io platform, readers can easily and quickly check for vulnerabilities in their digital assets. This platform provides quick and easy access to vulnerability assessments, security news, and threat intelligence. It is an essential tool for IT professionals and network administrators to ensure the reliability and security of their network infrastructure.

 

REFERENCES

Get started to protecting your Free Full Security Scan