CVE-2020-8654 Scanner
Detects 'OS Command Injection' vulnerability in EyesOfNetwork affects v. 5.3.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month 3 days
Scan only one
URL
Toolbox
-
EyesOfNetwork is a network monitoring software used for network management and security monitoring purposes. It is designed to analyze the network and provide real-time monitoring and alerting for any suspicious activity. The software is used by IT professionals and network administrators to ensure the reliability and security of the network infrastructure.
CVE-2020-8654 is a recently discovered vulnerability in EyesOfNetwork 5.3. This vulnerability enables an authenticated web user with sufficient privileges to exploit the AutoDiscovery module. An attacker can abuse the autodiscovery.php target field to run arbitrary OS commands. This can be done by sending a specially crafted request to the software.
When this vulnerability is exploited, the attacker gains unauthorized access to the network. This can lead to a variety of consequences such as unauthorized data access, data breaches, network disruption, and business downtime. The attacker can also use this exploit to execute malicious code and install backdoors, providing them with unauthorized remote access to the network.
It is important for users to take proactive measures to protect their digital assets from potential cyber threats. With the advanced features of the s4e.io platform, readers can easily and quickly check for vulnerabilities in their digital assets. This platform provides quick and easy access to vulnerability assessments, security news, and threat intelligence. It is an essential tool for IT professionals and network administrators to ensure the reliability and security of their network infrastructure.
REFERENCES