Critical severity9.8NVD Advisory· Published Feb 17, 2020· Updated Jun 17, 2026
CVE-2020-9020
CVE-2020-9020
Description
Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field.
Affected products
2- Iteris/Vantage Velocity Field Unitdescription
- Range: 2.3.1, 2.4.2, and 3.0
Patches
Vulnerability mechanics
References
1- sku11army.blogspot.com/2020/01/iteris-vantage-velocity-field-unit-os.htmlnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.