CVE-2020-8949
HIGH EXPLOITED IN THE WILDGocloud S2A/S3A K2P MTK/ISP3000 4.2.7-4.3.0 - Remote Code Execution via Ping Command Injection
Title source: llmExploitation Summary
CVE-2020-8949 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).
Description
Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3.0.17193, S3A K2P MTK 4.2.7.16528, S3A 4.3.0.16572, and ISP3000 4.3.0.17190 devices allows remote attackers to execute arbitrary OS commands via shell metacharacters in a ping operation, as demonstrated by the cgi-bin/webui/admin/tools/app_ping/diag_ping/; substring.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://sku11army.blogspot.com/2020/02/gocloud-rce-in-gocloud-routers.html
Scores
CVSS v3
8.8
EPSS
0.0283
EPSS Percentile
84.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2023-04-18
InTheWild.io
2024-05-29
CWE
CWE-78
Status
published
Products (7)
gocloud/isp3000_firmware
4.3.0.17190
gocloud/s2a_firmware
4.2.7.17278
gocloud/s2a_firmware
4.3.0.15815
gocloud/s2a_firmware
4.3.0.17193
gocloud/s2a_wl_firmware
4.2.7.16471
gocloud/s3a_firmware
4.3.0.16572
gocloud/s3a_k2p_mtk_firmware
4.2.7.16528
Published
Feb 12, 2020
Tracked Since
Feb 18, 2026