CVE-2020-14947

HIGH

OCS Inventory NG 2.7 - Remote Code Execution via Shell Metacharacters in SNMP MIB File Handling

Title source: manual

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-14947. PoCs published by Askar, mhaskar.

AI-analyzed exploit summary This exploit targets OCS Inventory NG 2.7 by injecting a reverse shell payload into the SNMP configuration. It leverages CSRF tokens to bypass protections and executes arbitrary commands via the SNMP_MIB_DIRECTORY parameter.

Description

OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.

Exploits (2)

exploitdb WORKING POC

by Askar · textwebappsmultiple

https://www.exploit-db.com/exploits/48634

View Code ZIP pw:eip

This exploit targets OCS Inventory NG 2.7 by injecting a reverse shell payload into the SNMP configuration. It leverages CSRF tokens to bypass protections and executes arbitrary commands via the SNMP_MIB_DIRECTORY parameter.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: OCS Inventory NG v2.7

Auth required

Prerequisites: Valid credentials for the target application · Network connectivity to the target · Listener set up for the reverse shell

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 19 stars

by mhaskar · poc

https://github.com/mhaskar/CVE-2020-14947