Skip to main content

CVE-2020-15227

Description

Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework.

NVD
Severity: CRITICAL
CVE ID: CVE-2020-15227
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
GitHub, Inc.
Severity: HIGH
CVE ID: CVE-2020-15227
CVSS Score: 8.7
CVSS Metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

Refrence: NVDMITRE

Proof Of Concept

Nuclei Templates for CVE-2020-15227
Langriklol

CVE-2020-15227 exploit

Refrence: GitHub

hu4wufu

CVE-2020-15227 exploit

Refrence: GitHub

filipsedivy

CVE-2020-15227 checker

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.9