CVE-2020-14293

HIGH

Secudos DOMOS < 5.8 - Remote Code Execution via Zone Field Shell Metacharacters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-14293. PoCs published by patrickhener.

AI-analyzed exploit summary This repository contains a working proof-of-concept exploit for CVE-2020-14293, which involves a command injection vulnerability in the DOMOS operating system used by Secudos GmbH products like Qiata FTA. The exploit leverages a time zone setting injection to achieve remote code execution and privilege escalation to root.

Description

conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).

Exploits (1)

nomisec WORKING POC 1 stars
by patrickhener · poc
https://github.com/patrickhener/CVE-2020-14293

This repository contains a working proof-of-concept exploit for CVE-2020-14293, which involves a command injection vulnerability in the DOMOS operating system used by Secudos GmbH products like Qiata FTA. The exploit leverages a time zone setting injection to achieve remote code execution and privilege escalation to root.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: DOMOS (used in Qiata FTA)
Auth required
Prerequisites: Valid admin credentials · Network access to the DOMOS WebUI
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://www.secudos.de/en/news-en/domos-release-5-9
Third Party Advisory x_refsource_misc
https://github.com/patrickhener/CVE-2020-14293
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2020/Sep/51

Scores

CVSS v3 7.5
EPSS 0.0526
EPSS Percentile 91.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
secudos/domos < 5.8
Published Oct 02, 2020
Tracked Since Feb 18, 2026