CVE-2020-15920

CRITICAL EXPLOITED NUCLEI

Mida eFramework <= 2.9.0 - Unauthenticated Remote Code Execution via OS Command Injection

Title source: llm

Exploitation Summary

CVE-2020-15920 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including elbae, elbae, bcoles, including a Metasploit module exploits/linux/http/mida_solutions_eframework_ajaxreq_rce. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit leverages an OS command injection vulnerability in Mida eFramework's PDC/ajaxreq.php endpoint, allowing remote code execution by injecting commands into the PARAM parameter. The PoC sends a crafted POST request with a command payload to execute arbitrary commands on the target system.

Description

There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.

Exploits (2)

exploitdb WORKING POC

by elbae · pythonwebappsmultiple

https://www.exploit-db.com/exploits/48768

View Code ZIP pw:eip

This exploit leverages an OS command injection vulnerability in Mida eFramework's PDC/ajaxreq.php endpoint, allowing remote code execution by injecting commands into the PARAM parameter. The PoC sends a crafted POST request with a command payload to execute arbitrary commands on the target system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Mida eFramework <= 2.9.0

No auth needed

Prerequisites: Target server running Mida eFramework <= 2.9.0 · Network access to the target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by elbae, bcoles · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/mida_solutions_eframework_ajaxreq_rce.rb

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in Mida Solutions eFramework's ajaxreq.php, allowing unauthenticated RCE as the apache user, which can then escalate to root via sudo misconfiguration. The exploit sends a crafted POST request with a malicious PARAM parameter to execute arbitrary commands.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Mida Solutions eFramework <= 2.9.0

No auth needed

Prerequisites: Network access to the target · Target running Mida Solutions eFramework <= 2.9.0

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Nuclei Templates (1)

Mida eFramework <=2.9.0 - Remote Command Execution

CRITICALby dwisiswant0

References (3)

Core 3

Core References

Exploit, Third Party Advisory x_refsource_misc

https://elbae.github.io/jekyll/update/2020/07/14/vulns-01.html

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/158991/Mida-eFramework-2.9.0-Remote-Code-Execution.html

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/159194/Mida-Solutions-eFramework-ajaxreq.php-Command-Injection.html

Scores

CVSS v3 9.8

EPSS 0.9828

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-12-25

CWE

CWE-78

Status published

Products (1)

midasolutions/eframework < 2.9.0

Published Jul 24, 2020

Tracked Since Feb 18, 2026