HomePentest-Tools.com Logo

Eyes Of Network (EON) Multiple API Vulnerabilities CVE-2020-8656CVE-2020-8657

Severity
CVSSv3 Score
9.8
Vulnerability description

Eyes Of Network (EON) is prone to multiple vulnerabilities over the API.

Risk description

Eyes Of Network (EON) is prone to multiple vulnerabilities: - SQL injection vulnerability allowing an unauthenticated attacker to perform various tasks such as authentication bypass (CVE-2020-8656) - Hardcoded EONAPI_KEY allowing an attacker to calculate/guess the admin access token (CVE-2020-8657)

Recommendation

See the referenced vendor advisories for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 7, 2020
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available