{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T12:01:10.479","vulnerabilities":[{"cve":{"id":"CVE-2020-8797","sourceIdentifier":"cve@mitre.org","published":"2020-04-23T18:15:11.903","lastModified":"2024-11-21T05:39:27.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call (aka Command Line Injection), if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network."},{"lang":"es","value":"Juplink RX4-1500 versión v1.0.3, permite a atacantes remotos conseguir acceso root al subsistema Linux por medio de una llamada ejecutiva no saneada (también se conoce como Inyección de Línea de Comando), si el servicio telnetd no documentado está habilitado y el atacante puede autenticarse como un administrador desde la red local."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:juplink:rx4-1500_firmware:1.0.3:*:*:*:*:*:*:*","matchCriteriaId":"D8269D90-271D-479A-AD3B-B376E060C344"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:juplink:rx4-1500:-:*:*:*:*:*:*:*","matchCriteriaId":"6D46885D-045C-476A-AADE-7045A5F9046A"}]}]}],"references":[{"url":"https://cerne.xyz/bugs/CVE-2020-8797.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cerne.xyz/bugs/CVE-2020-8797.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}