Code Execution Vulnerability in Softaculous by Softaculous Ltd.
CVE-2020-26886

7.8HIGH

Key Information:

Vendor

Softaculous

Status
Softaculous
Vendor
CVE Published:
18 March 2021

What is CVE-2020-26886?

Softaculous versions prior to 5.5.7 are susceptible to a code execution vulnerability stemming from the external initialization of trusted variables or data stores. This flaw can potentially allow attackers to escalate privileges on the local host, posing significant security risks. It is crucial for users to upgrade to the latest version to mitigate the risks associated with this vulnerability.

References

https://www.softaculous.com/board/index.php?tid=17086&tit...
x_refsource_MISC
https://vulnerable.af
x_refsource_MISC
https://vulnerable.af/posts/cve-2020-26886/
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2020-26886 : Code Execution Vulnerability in Softaculous by Softaculous Ltd.