{"containers":{"cna":{"affected":[{"product":"Cayin CMS-SE","vendor":"Cayin Technology","versions":[{"lessThanOrEqual":"11.0 Build 19179","status":"affected","version":"11.0 Build 19179","versionType":"custom"}]},{"product":"Cayin CMS-60","vendor":"Cayin Technology","versions":[{"lessThanOrEqual":"11.0 Build 19025","status":"affected","version":"11.0 Build 19025","versionType":"custom"}]},{"product":"Cayin CMS-40","vendor":"Cayin Technology","versions":[{"lessThanOrEqual":"9.0 Build 14917","status":"affected","version":"9.0 Build 14917","versionType":"custom"}]},{"product":"Cayin CMS-20","vendor":"Cayin Technology","versions":[{"lessThanOrEqual":"9.0 Build 14917","status":"affected","version":"9.0 Build 14917","versionType":"custom"}]},{"product":"Cayin CMS","vendor":"Cayin Technology","versions":[{"status":"affected","version":"8.2 Build 12199"},{"status":"affected","version":"8.0 Build 11175"},{"status":"affected","version":"7.5 Build 11175"}]}],"credits":[{"lang":"en","value":"This issue was discovered by Gjoko Krstic of Zero Science Lab."}],"datePublic":"2020-04-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. 
This issue affects several branches and versions of the CMS application, including CMS-SE, CMS-60, CMS-40, CMS-20, and CMS versions 8.2, 8.0, and 7.5."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":9.6,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-78","description":"CWE-78 OS Command Injection","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-08-06T15:45:28.000Z","orgId":"9974b330-7714-4307-a722-5648477acda7","shortName":"rapid7"},"references":[{"tags":["x_refsource_MISC"],"url":"https://github.com/rapid7/metasploit-framework/pull/13607"},{"tags":["x_refsource_MISC"],"url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5570.php"},{"tags":["vendor-advisory","x_refsource_IBM"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/182925"}],"source":{"discovery":"EXTERNAL"},"title":"Cayin CMS Command Injection","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@rapid7.com","DATE_PUBLIC":"2020-04-06T10:00:00.000Z","ID":"CVE-2020-7357","STATE":"PUBLIC","TITLE":"Cayin CMS Command Injection"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Cayin CMS-SE","version":{"version_data":[{"version_affected":"<=","version_name":"11.0 Build 19179","version_value":"11.0 Build 19179"}]}},{"product_name":"Cayin CMS-60","version":{"version_data":[{"version_affected":"<=","version_name":"11.0 Build 19025","version_value":"11.0 Build 19025"}]}},{"product_name":"Cayin CMS-40","version":{"version_data":[{"version_affected":"<=","version_name":"9.0 Build 14917","version_value":"9.0 Build 14917"}]}},{"product_name":"Cayin 
CMS-20","version":{"version_data":[{"version_affected":"<=","version_name":"9.0 Build 14917","version_value":"9.0 Build 14917"}]}},{"product_name":"Cayin CMS","version":{"version_data":[{"version_affected":"=","version_name":"8.2 Build 12199","version_value":"8.2 Build 12199"},{"version_affected":"=","version_name":"8.0 Build 11175","version_value":"8.0 Build 11175"},{"version_affected":"=","version_name":"7.5 Build 11175","version_value":"7.5 Build 11175"}]}}]},"vendor_name":"Cayin Technology"}]}},"credit":[{"lang":"eng","value":"This issue was discovered by Gjoko Krstic of Zero Science Lab."}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. This issue affects several branches and versions of the CMS application, including CMS-SE, CMS-60, CMS-40, CMS-20, and CMS versions 8.2, 8.0, and 7.5."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":9.6,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-78 OS Command 
Injection"}]}]},"references":{"reference_data":[{"name":"https://github.com/rapid7/metasploit-framework/pull/13607","refsource":"MISC","url":"https://github.com/rapid7/metasploit-framework/pull/13607"},{"name":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5570.php","refsource":"MISC","url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5570.php"},{"name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/182925","refsource":"IBM","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/182925"}]},"source":{"discovery":"EXTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T09:25:49.104Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/rapid7/metasploit-framework/pull/13607"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5570.php"},{"tags":["vendor-advisory","x_refsource_IBM","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/182925"}]}]},"cveMetadata":{"assignerOrgId":"9974b330-7714-4307-a722-5648477acda7","assignerShortName":"rapid7","cveId":"CVE-2020-7357","datePublished":"2020-08-06T15:45:28.433Z","dateReserved":"2020-01-21T00:00:00.000Z","dateUpdated":"2024-09-17T03:12:42.262Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}