CVE-2020-8497

MEDIUM EXPLOITED NUCLEI

Artica Pandora FMS <7.42 - Info Disclosure

Title source: llm

Description

In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps.

Nuclei Templates (1)

Artica Pandora FMS <=7.42 - Arbitrary File Read

MEDIUMby gy741

Shodan: http.title:"pandora fms"

FOFA: title="pandora fms"

References (1)

[Exploit, Third Party Advisory] https://k4m1ll0.com/cve-2020-8497.html

Scores

CVSS v3 5.3

EPSS 0.2237

EPSS Percentile 95.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2026-04-08

CWE

CWE-306

Status published

Products (1)

artica/pandora_fms < 7.42

Published Mar 23, 2020

Tracked Since Feb 18, 2026