CVE-2020-16846
Description
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
NVD
Severity: CRITICAL
CVE ID: CVE-2020-16846
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2020-16846
Refrence: Project Discovery GitHub
zomy22
Refrence: GitHub
hamza-boudouche
CVE-2020-16846
Refrence: GitHub