CVE-2020-11953

HIGH

Rittal CMCIII-PU and PDU-3C002DEC Firmware - OS Command Injection

Title source: llm

An issue was discovered on Rittal PDU-3C002DEC through 5.15.40 and CMCIII-PU-9333E0FB through 3.15.70_4 devices. Attackers can execute code.

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

CVSS v3 8.8

EPSS 0.0247

EPSS Percentile 82.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78

Status published

Products (5)

rittal/cmc_iii_pu_7030.000_firmware < 3.15.70_4

rittal/cmciii-pu-9333e0fb_firmware < 3.15.70_4

rittal/iot_interface_3124.300 < 6.17.00

rittal/lcp-cw_firmware < 3.15.70_4

rittal/pdu-3c002dec_firmware < 5.15.40

Published Jul 14, 2020

Tracked Since Feb 18, 2026