CVE-2020-7805

EUVD-2020-28737
An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) and IML520 (R8112, R8368, R8411) wifi device. This issue is a command injection allowing attackers to execute arbitrary OS commands.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
infomarkiml500_firmware
𝑥
≤ 29.8.2018
infomarkiml520_firmware
𝑥
≤ 29.8.2018
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.infomark.co.kr/bbs/board.php?bo_table=download&wr_id=57&sfl=wr_subject&stx=520&sop=and
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35362
http://www.infomark.co.kr/bbs/board.php?bo_table=download&wr_id=57&sfl=wr_subject&stx=520&sop=and
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35362