Hicos citizen certificate client-side component does not filter special characters for command parameters in specific web URLs. An unauthenticated remote attacker can exploit this vulnerability to perform command injection attack to execute arbitrary system command, disrupt system or terminate service.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2022-03-01T01:55:17.625028Z

Updated: 2024-09-16T22:35:31.057Z

Reserved: 2020-05-11T00:00:00

Link: CVE-2020-12775

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-03-01T02:15:07.213

Modified: 2024-11-21T05:00:16.097

Link: CVE-2020-12775

cve-icon Redhat

No data.