{"vulnerability": "cve-2020-8087", "sightings": [{"uuid": "80034ff8-ab9f-4e56-8b44-3564902dcfd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-8087", "type": "published-proof-of-concept", "source": "https://t.me/cveNotify/484", "content": "\ud83d\udea8 CVE-2020-8087\nSMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by providing the vlu_diagnostic_tools__ping_address parameter twice: once with a shell metacharacter and a command name, and once with a command argument.\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2020-01-27T23:37:55.000000Z"}]}