invigo 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に パス処理の欠陥 and vendor risk sql injection などに関し、一部は vendor impact data exposure を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2020-10584 | A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running the application. | [email protected] | 7.5 | 0.43% | 2021-03-25 | 2024-11-21 |
| CVE-2020-10583 | The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the application. | [email protected] | 8.8 | 2.04% | 2021-03-25 | 2024-11-21 |
| CVE-2020-10582 | A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and modification) on the database. | [email protected] | 9.8 | 0.51% | 2021-03-25 | 2024-11-21 |
| CVE-2020-10581 | Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application. | [email protected] | 7.5 | 0.29% | 2021-03-25 | 2024-11-21 |
| CVE-2020-10580 | A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the application. | [email protected] | 8.8 | 10.98% | 2021-03-25 | 2024-11-21 |
| CVE-2020-10579 | A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the application. | [email protected] | 7.5 | 0.43% | 2021-03-25 | 2024-11-21 |