sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Injection.
References
Link | Resource |
---|---|
ftp://ftp.ifax.com/security/CVE-2020-11766.html | Vendor Advisory |
ftp://ftp.ifax.com/security/CVE-2020-11766.html | Vendor Advisory |
Configurations
History
21 Nov 2024, 04:58
Type | Values Removed | Values Added |
---|---|---|
References | () ftp://ftp.ifax.com/security/CVE-2020-11766.html - Vendor Advisory |
Information
Published : 2020-05-19 20:15
Updated : 2024-11-21 04:58
NVD link : CVE-2020-11766
Mitre link : CVE-2020-11766
CVE.ORG link : CVE-2020-11766
JSON object : View
Products Affected
avantfax
- avantfax
ifax
- hylafax
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')