CVE

CVE-2020-14950

admin

CVE-2020-14950

aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setting menu of Sotfware Store.

Source: CVE-2020-14950

Exit mobile version