Critical severity9.8NVD Advisory· Published Feb 5, 2026· Updated Apr 15, 2026

CVE-2020-37123

Description

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters.

Affected products

Wcchandler/Pingerreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/48323nvd
www.vulncheck.com/advisories/pinger-remote-code-executionnvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.013
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000