CVE-2020-4428

Severity: CRITICAL · Listed in CISA KEV

IBM Data Risk Manager 2.0.1-2.0.4 - Authenticated OS Command Injection

Title source: llm

Exploitation Summary

CVE-2020-4428 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021. EIP tracks one public exploit: the Metasploit module exploits/linux/http/ibm_drm_rce.

AI-analyzed exploit summary: This Metasploit module exploits a chain of vulnerabilities in IBM Data Risk Manager (CVE-2020-4427, CVE-2020-4428, CVE-2020-4429) to achieve unauthenticated remote code execution as root. It bypasses authentication, performs command injection, and abuses an insecure default password.

Description

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533.

Exploits (1)

Metasploit module · Working PoC · Excellent
Tags: ruby, poc, linux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ibm_drm_rce.rb

Classification
Working PoC: 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: IBM Data Risk Manager <= 2.0.4
Authentication: No auth needed
Prerequisites: Network access to the target system · IBM Data Risk Manager version <= 2.0.4
Analyzed by devstral-2 on Feb 16, 2026

References (5)

Core References
Patch, Vendor Advisory (x_refsource_confirm)
https://www.ibm.com/support/pages/node/6206875
VDB Entry, Vendor Advisory (vdb-entry, x_refsource_xf)
https://exchange.xforce.ibmcloud.com/vulnerabilities/180533
Mailing List, Third Party Advisory
http://seclists.org/fulldisclosure/2024/Nov/0
Mailing List, Third Party Advisory
http://seclists.org/fulldisclosure/2024/Nov/1

Scores

CVSS v3: 9.1
EPSS: 0.6169
EPSS Percentile: 99.1%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC (Vulnrichment)

Exploitation: active
Automatable: no
Technical Impact: total

Details

CISA KEV: 2021-11-03
VulnCheck KEV: 2021-11-03
InTheWild.io: 2021-07-23
ENISA EUVD: EUVD-2020-25675
CWE: CWE-78
Status: published
Products (1): ibm/data_risk_manager 2.0.1 - 2.0.4
Published: May 07, 2020
KEV Added: Nov 03, 2021
Tracked Since: Feb 18, 2026