CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-11491

Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.5%

CVSS Severity

CVSS v3 Score 4.9

CVSS v2 Score 4.0

References

http://code610.blogspot.com/2020/03/pentesting-zen-load-balancer-quick.html
https://github.com/c610/tmp/blob/master/zenload4patreons.zip
http://code610.blogspot.com/2020/03/pentesting-zen-load-balancer-quick.html
https://github.com/c610/tmp/blob/master/zenload4patreons.zip

Products affected by CVE-2020-11491

Zevenet » Zen Load Balancer » Version: 3.10.1

cpe:2.3:a:zevenet:zen_load_balancer:3.10.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11491

Products

Pricing

Contact Us