vBulletin Pre-Auth RCE CVE-2020-17496 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

vBulletin Pre-Auth RCE CVE-2020-17496 Scanner Detail

There is a pre-auth remote code execution vulnerability in vBulletin.

vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.

Some Advice for Common Problems

You need to update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service