CVE-2020-10583

Description

The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the application.

Affected Software
References

Software	From	Fixed in
invigo / automatic_device_management	-	5.0.x

https://www.on-x.com/sites/default/files/security_advisory_-_multiple_vulnerabilities_-_invigo_adm.pdf

Severity: High

CVE: CVE-2020-10583
Published: Mar 25, 2021
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-78

A1 - Injection

CVE-2020-10583

Description

Details

CVSS v3

CVSS v2

CWEs

OWASP TOP 10