Exposures › CVE-2020-25466
A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code.
A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code.
“A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code.”
“Because each KEV entry carries direct evidence of active exploitation, the catalog is one of the highest-signal inputs for risk-based patch management.”
“CISA Known Exploited Vulnerabilities (KEV) is an initiative that identifies and publishes a list of known exploited vulnerabilities.”
No correlated FedRAMP products.