CVE-2020-9688Command Injection in Adobe Download Manager

CWE-77Command InjectionCWE-74Injection3 documents3 sources
Severity
7.8HIGHNVD
EPSS
4.5%
top 10.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Download ManagerAdobe Download Manager
Timeline
PublishedJul 17
Latest updateMay 24

Description

Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDadobe/download_manager2.0.0.518
CVEListV5adobe/adobe_download_managerversion 2.0.0.518

🔴Vulnerability Details

2
GHSA
GHSA-7gxm-25cp-2h59: Adobe Download Manager version 22022-05-24
CVEList
CVE-2020-9688: Adobe Download Manager version 22020-07-17
CVE-2020-9688 — Command Injection in Adobe | cvebase