cve/2020/CVE-2020-8012.md

### [CVE-2020-8012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8012)
![](https://img.shields.io/static/v1?label=Product&message=CA%20Unified%20Infrastructure%20Management%20(Nimsoft%2FUIM)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=buffer%20overflow%20RCE&color=brighgreen)

### Description

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.

### POC

#### Reference
- http://packetstormsecurity.com/files/156577/Nimsoft-nimcontroller-7.80-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/156577/Nimsoft-nimcontroller-7.80-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/158693/CA-Unified-Infrastructure-Management-Nimsoft-7.80-Buffer-Overflow.html
- http://packetstormsecurity.com/files/158693/CA-Unified-Infrastructure-Management-Nimsoft-7.80-Buffer-Overflow.html

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/GhostTroops/TOP
- https://github.com/JERRY123S/all-poc
- https://github.com/XTeam-Wing/RedTeaming2020
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/TOP
- https://github.com/jbmihoub/all-poc
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/wetw0rk/CA-UIM-Nimbus-Research
- https://github.com/wetw0rk/Exploit-Development