CVE-2020-13124

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-13124

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13124.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-13124

Downstream

DEBIAN-CVE-2020-13124

UBUNTU-CVE-2020-13124

Related

GHSA-9x87-96gg-33w2

Published

2020-08-11T16:15:12.273Z

Modified

2026-03-15T14:37:06.989019Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system.

References

Affected packages

Git / github.com/sabnzbd/sabnzbd

Affected ranges

Type

GIT

Repo

https://github.com/sabnzbd/sabnzbd

Events

Introduced

Last affected

8f21533e76d64a3bc26643394d5e98dc01ece63e

Introduced

Last affected

a7552c28c80395fbc6bcc1be3853723dc364c98e

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.3.9"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.0-alpha2"
        }
    ]
}

Affected versions

0.*

0.6.0

0.6.1

0.6.2

0.6.3

0.6.4

0.6.5

0.6.6

0.6.7

0.6.8

0.6.8RC1

0.6.9

0.6.9RC1

0.6.9RC2

0.7.0

0.7.0Alpha1

0.7.0Alpha2

0.7.0Alpha3

0.7.0Beta1

0.7.0Beta2

0.7.0Beta3

0.7.0Beta4

0.7.0Beta5

0.7.0Beta6

0.7.0Beta7

0.7.0Beta8

0.7.0RC1

0.7.0RC2

0.7.1

0.7.10

0.7.10RC1

0.7.11

0.7.11RC1

0.7.11RC2

0.7.1RC1

0.7.1RC2

0.7.1RC3

0.7.1RC4

0.7.1RC5

0.7.2

0.7.2RC1

0.7.2RC2

0.7.3

0.7.3Beta1

0.7.3Beta2

0.7.3RC1

0.7.4

0.7.4Beta1

0.7.4Beta2

0.7.4Beta3

0.7.4RC1

0.7.4RC2

0.7.5

0.7.5RC1

0.7.6

0.7.6Beta1

0.7.6Beta2

0.7.6Final

0.7.7

0.7.8

0.7.8RC1

0.7.9

0.7.9RC1

0.8.0Alpha1

0.8.0Alpha2

0.8.0Beta1

0.8.0Beta2

0.8.0Beta3

0.8.0Beta4

0.8.0Beta5

0.8.0Beta6

1.*

1.0.0

1.0.0RC1

1.0.0RC2

1.0.0RC3

1.0.0RC4

1.0.0RC5

1.0.1

1.0.1RC1

1.0.2

1.0.3

1.1.0

1.1.0Beta1

1.1.0RC1

1.1.0RC2

1.1.0RC3

1.1.0RC4

1.2.0

1.2.0Beta1

1.2.0RC1

1.2.1

1.2.1Beta1

1.2.1RC1

1.2.2

1.2.3

2.*

2.0.0

2.0.0Alpha1

2.0.0Beta1

2.0.0RC1

2.0.0RC2

2.0.0RC3

2.0.1

2.0.1RC1

2.0.1RC2

2.1.0

2.1.0Beta1

2.1.0RC1

2.2.0

2.2.0Alpha1

2.2.0Alpha2

2.2.0Alpha3

2.2.0Beta1

2.2.0Beta2

2.2.0RC1

2.2.0RC2

2.2.0RC3

2.2.1

2.2.1RC1

2.2.1RC2

2.3.0

2.3.0Alpha1

2.3.0Alpha2

2.3.0RC1

2.3.0RC2

2.3.1

2.3.1Beta1

2.3.1RC1

2.3.1RC2

2.3.2

2.3.2RC1

2.3.2RC2

2.3.3

2.3.3Beta1

2.3.3RC1

2.3.3RC2

2.3.4

2.3.4RC1

2.3.5

2.3.5RC1

2.3.5RC2

2.3.6

2.3.6Beta1

2.3.6RC1

2.3.7

2.3.7Beta1

2.3.7RC1

2.3.8

2.3.8Beta1

2.3.8RC1

2.3.9

2.3.9RC1

2.3.9RC2

3.*

3.0.0Alpha1

3.0.0Alpha2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13124.json"