CVE-2020-3938

CRITICAL

SysJust Syuan-Gu-Da-Shih <20191223 - SSRF

Title source: llm

Description

SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests.

References (2)

Core 2

Core References

Third Party Advisory x_refsource_misc

https://tvn.twcert.org.tw/taiwanvn/TVN-201910014

Third Party Advisory x_refsource_misc

https://www.chtsecurity.com/news/a791f509-9782-4be1-b71f-22fc619f8215

Scores

CVSS v3 9.8

EPSS 0.0148

EPSS Percentile 70.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-918

Status published

Products (1)

sysjust/syuan-gu-da-shin < 20191223

Published Feb 04, 2020

Tracked Since Feb 18, 2026