WEB Agentejo Cockpit Auth.php check function NoSQL injection to RCE (CVE-2020-35846)

Rule ID

1236528

Severity

Critical

Description

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.

Impact

Information disclosure

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2020-35846

msf

T1059

T1082

Keywords

N/A

Date Created

2025/04/09

Last Updated

2025/06/05

This website uses cookies to ensure you get the best experience on our website.

Learn more