CVE-2020-16279
CRITICALRangeeOS 8.0.4 - Remote Code Execution via Kommbox Component
Title source: llmDescription
The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to Remote Code Execution due to untrusted user supplied input being passed to the command line without sanitization.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.contextis.com/en/resources/advisories/cve-2020-16279
Scores
CVSS v3
9.8
EPSS
0.0234
EPSS Percentile
81.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (1)
rangee/rangeeos
8.0.4
Published
Aug 20, 2020
Tracked Since
Feb 18, 2026