Critical severity9.8NVD Advisory· Published Dec 23, 2020· Updated Jun 17, 2026
CVE-2020-29552
CVE-2020-29552
Description
An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- URVE/URVEdescription
- Range: Build 24.03.2020
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/160722/URVE-Software-Build-24.03.2020-Authentication-Bypass-Remote-Code-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2020/Dec/47nvdExploitMailing ListThird Party Advisory
- www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-040.txtnvdExploitThird Party Advisory
- urve.co.uk/system-rezerwacji-salnvdVendor Advisory
News mentions
0No linked articles in our index yet.