Critical severity9.8NVD Advisory· Published Jan 30, 2026· Updated Apr 15, 2026

CVE-2020-37027

Description

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the vulnerable Sickbeard installation.

Affected products

Midgetspy/Sick Beardreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

web.archive.org/web/20190722085652/https://sickbeard.com/nvd
www.exploit-db.com/exploits/48646nvd
www.vulncheck.com/advisories/sickbeard-remote-command-injectionnvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000