What is CVE-2020-8656?

CVE-2020-8656 is a vulnerability in N/a. Published 2020-02-06.

Is CVE-2020-8656 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-8656

An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the username field to getApiKey in include…

EPSS: 0.818 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
20142995/nuclei-templates
ARPSyndicate/cvemon
ArianeBlow/EyesOfNetwork-vuln-checker
cyb3r-w0lf/nuclei-template-collection
h4knet/eonrce

References

github.com/EyesOfNetworkCommunity/eonapi/issues/16 (x_refsource_MISC)
packetstormsecurity.com/files/156266/EyesOfNetwork-5.3-Remote-Code-Execution.ht… (x_refsource_MISC)
packetstormsecurity.com/files/156605/EyesOfNetwork-AutoDiscovery-Target-Command… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-8656?: CVE-2020-8656 is a vulnerability in N/a. Published 2020-02-06.
Is CVE-2020-8656 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.