CVE-2020-5664

CRITICAL

XooNIps <3.49 - Code Injection

Title source: llm

Description

Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers to execute arbitrary code via unspecified vectors.

References (2)

Scores

CVSS v3 9.8
EPSS 0.0621
EPSS Percentile 90.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-502
Status published

Affected Products (1)

riken/xoonips < 3.49

Timeline

Published Nov 16, 2020
Tracked Since Feb 18, 2026