Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2020-9578 - Vulnerability Database
Magento

Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2020-9578

Critical
Reference: CVE-2020-9578
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-9578
Title: Magento Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Overview:

Magento versions 2.3.4 and earlier 2.2.11 and earlier (see note) 1.14.4.4 and earlier and 1.9.4.4 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.