What is CVE-2020-5844?

CVE-2020-5844 is a vulnerability in N/a. Published 2020-03-16.

Is CVE-2020-5844 known to be exploited?

10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-5844

index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_…

EPSS: 0.738 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

UNICORDev/exploit-CVE-2020-5844
TheCyberGeek/CVE-2020-5844
1Gould/CVE-2020-5844-exploit
ARPSyndicate/cvemon
Live-Hack-CVE/CVE-2020-5844
developer3000S/PoC-in-GitHub
hectorgie/PoC-in-GitHub
nomi-sec/PoC-in-GitHub
soosmile/POC
0xT11/CVE-POC

References

pandorafms.com (x_refsource_MISC)
github.com/TheCyberGeek/CVE-2020-5844 (x_refsource_MISC)
packetstormsecurity.com/files/167503/Pandora-FMS-7.0NG.742-Remote-Code-Executio… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-5844?: CVE-2020-5844 is a vulnerability in N/a. Published 2020-03-16.
Is CVE-2020-5844 known to be exploited?: 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.