CVE-2020-8497
MEDIUM EXPLOITED NUCLEIArtica Pandora FMS <7.42 - Info Disclosure
Title source: llmExploitation Summary
CVE-2020-8497 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps.
Nuclei Templates (1)
Artica Pandora FMS <=7.42 - Arbitrary File Read
MEDIUMby gy741
Shodan:
http.title:"pandora fms"
FOFA:
title="pandora fms"
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://k4m1ll0.com/cve-2020-8497.html
Scores
CVSS v3
5.3
EPSS
0.0527
EPSS Percentile
91.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
VulnCheck KEV
2026-04-08
CWE
CWE-306
Status
published
Products (1)
artica/pandora_fms
< 7.42
Published
Mar 23, 2020
Tracked Since
Feb 18, 2026