Privilege Escalation Affecting monox.cms.runtime package, versions [0,]
Snyk CVSS
Attack Complexity
Low
Threat Intelligence
Exploit Maturity
Proof of concept
EPSS
0.11% (43rd
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DOTNET-MONOXCMSRUNTIME-567872
- published 29 Apr 2020
- disclosed 29 Apr 2020
- credit Unknown
Introduced: 29 Apr 2020
CVE-2020-12473 Open this link in a new tabHow to fix?
There is no fixed version for MonoX.CMS.Runtime
.
Overview
MonoX.CMS.Runtime is a Free ASP.NET CMS and Social Networking Platform.
Affected versions of this package are vulnerable to Privilege Escalation. It allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe
to a different program.