← Back to CVEs
CVE-2020-3938
CRITICAL9.8
Description
SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published2/4/2020
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
sysjust:syuan-gu-da-shin
Weaknesses (CWE)
CWE-918
References
https://tvn.twcert.org.tw/taiwanvn/TVN-201910014(twcert@cert.org.tw)
https://www.chtsecurity.com/news/a791f509-9782-4be1-b71f-22fc619f8215(twcert@cert.org.tw)
https://tvn.twcert.org.tw/taiwanvn/TVN-201910014(af854a3a-2127-422b-91ae-364da2661108)
https://www.chtsecurity.com/news/a791f509-9782-4be1-b71f-22fc619f8215(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.