WEB LinuxKI Toolset 6.01 Remote Command Execution (CVE-2020-7209)

Rule ID

1137235

Severity

Critical

Description

There is a vulnerability in LinuxKI Toolset <= 6.01 which allows remote code execution. The kivis.php pid parameter received from the user is sent to the shell_exec function, resulting in security vulnerability.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2020-7209

EDB-48483

msf

T1059

Keywords

N/A

Date Created

2020/07/10

Last Updated

2025/06/25

This website uses cookies to ensure you get the best experience on our website.

Learn more