CVE-2020-7838

HIGH

Smilegate STOVE Client <0.0.4.72 - RCE

Title source: llm
STIX 2.1

Description

A arbitrary code execution vulnerability exists in the way that the Stove client improperly validates input value. An attacker could execute arbitrary code when the user access to crafted web page. This issue affects: Smilegate STOVE Client 0.0.4.72.

References (1)

Core 1
Core References

Scores

CVSS v3 8.8
EPSS 0.0120
EPSS Percentile 64.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (1)
onstove/stove 0.0.4.10 - 0.0.4.71
Published Dec 18, 2020
Tracked Since Feb 18, 2026