Sage

Adxadmin

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2020-7387

Exploit
  • EPSS 48.81%
  • Published 22.07.2021 19:15:08
  • Last modified 21.11.2024 05:37:08

Sage X3 Installation Pathname Disclosure. A specially crafted packet can elicit a response from the AdxDSrv.exe component that reveals the installation directory of the product. Note that this vulnerability can be combined with CVE-2020-7388 to achie...

9.8

CVE-2020-7388

Exploit
  • EPSS 75.46%
  • Published 22.07.2021 19:15:08
  • Last modified 21.11.2024 05:37:09

Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential validation. While exploiting this does require knowledge of the installati...