9.8

CVE-2020-36911

Exploit

Covenant 0.5 - Remote Code Execution (RCE)

Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and upload custom DLL payloads to execute arbitrary commands on the target system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CobbrCovenant Version >= 0.1.3 <= 0.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.45% 0.952
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
disclosure@vulncheck.com 9.3 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
disclosure@vulncheck.com 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://www.exploit-db.com/exploits/51141
Exploit
https://cobbr.io/Covenant.html
Broken Link
https://github.com/cobbr/Covenant
Product
https://web.archive.org/web/20201101052547/https://blog.null.farm/hunting-the-hunters
Third Party Advisory
Exploit
https://github.com/Zeop-CyberSec/covenant_rce/blob/master/covenant_jwt_rce.rb
Product
https://web.archive.org/web/20201013165001/https://twitter.com/cobbr_io/status/1316058367161401344
Issue Tracking
https://www.vulncheck.com/advisories/covenant-remote-code-execution-rce
Third Party Advisory