CVE-2020-37027

Sažetak

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the vulnerable Sickbeard installation.

Reference

https://github.com/midgetspy/Sick-Beard
https://web.archive.org/web/20190722085652/https://sickbeard.com/
https://www.exploit-db.com/exploits/48646
https://www.vulncheck.com/advisories/sickbeard-remote-command-injection

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

30-01-2026 - 23:16

Objavljeno

30-01-2026 - 23:16