nvd-json-data-feeds/CVE-2020/CVE-2020-140xx/CVE-2020-14028.json

{
  "id": "CVE-2020-14028",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2020-09-22T18:15:23.840",
  "lastModified": "2020-09-26T02:31:17.207",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. By leveraging a path traversal vulnerability in the Autoreply module's Script Name, an attacker may write to or overwrite arbitrary files, with arbitrary content, usually with NT AUTHORITY\\SYSTEM privileges."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema en Ozeki NG SMS Gateway versiones hasta 4.17.6. Mediante el aprovechamiento de una vulnerabilidad de salto de ruta en el Script Name del m\u00f3dulo Autoreply, un atacante puede escribir o sobrescribir archivos arbitrarios, con contenido arbitrario, generalmente con privilegios NT AUTHORITY\\SYSTEM"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ozeki:ozeki_ng_sms_gateway:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "4.17.6",
              "matchCriteriaId": "CD2367CD-8681-42A5-99CF-4FEC7CAFFA35"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.ozeki.hu/index.php?owpn=231",
      "source": "cve@mitre.org",
      "tags": [
        "Product",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14028-Arbitary%20File%20Write-Ozeki%20SMS%20Gateway",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}