CVE-2020-13124

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-13124

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-13124.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-13124

Downstream

DEBIAN-CVE-2020-13124

UBUNTU-CVE-2020-13124

Related

GHSA-9x87-96gg-33w2

Published

2020-08-11T16:15:12Z

Modified

2025-09-19T11:38:56.923070Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system.

References

Affected packages

Git / github.com/sabnzbd/sabnzbd

Affected ranges

Type: GIT
Repo: https://github.com/sabnzbd/sabnzbd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

8f21533e76d64a3bc26643394d5e98dc01ece63e

Last affected

a7552c28c80395fbc6bcc1be3853723dc364c98e

Affected versions

0.*

0.6.0

0.6.1

0.6.2

0.6.3

0.6.4

0.6.5

0.6.6

0.6.7

0.6.8

0.6.8RC1

0.6.9

0.6.9RC1

0.6.9RC2

0.7.0

0.7.0Alpha1

0.7.0Alpha2

0.7.0Alpha3

0.7.0Beta1

0.7.0Beta2

0.7.0Beta3

0.7.0Beta4

0.7.0Beta5

0.7.0Beta6

0.7.0Beta7

0.7.0Beta8

0.7.0RC1

0.7.0RC2

0.7.1

0.7.10

0.7.10RC1

0.7.11

0.7.11RC1

0.7.11RC2

0.7.1RC1

0.7.1RC2

0.7.1RC3

0.7.1RC4

0.7.1RC5

0.7.2

0.7.2RC1

0.7.2RC2

0.7.3

0.7.3Beta1

0.7.3Beta2

0.7.3RC1

0.7.4

0.7.4Beta1

0.7.4Beta2

0.7.4Beta3

0.7.4RC1

0.7.4RC2

0.7.5

0.7.5RC1

0.7.6

0.7.6Beta1

0.7.6Beta2

0.7.6Final

0.7.7

0.7.8

0.7.8RC1

0.7.9

0.7.9RC1

0.8.0Alpha1

0.8.0Alpha2

0.8.0Beta1

0.8.0Beta2

0.8.0Beta3

0.8.0Beta4

0.8.0Beta5

0.8.0Beta6

1.*

1.0.0

1.0.0RC1

1.0.0RC2

1.0.0RC3

1.0.0RC4

1.0.0RC5

1.0.1

1.0.1RC1

1.0.2

1.0.3

1.1.0

1.1.0Beta1

1.1.0RC1

1.1.0RC2

1.1.0RC3

1.1.0RC4

1.2.0

1.2.0Beta1

1.2.0RC1

1.2.1

1.2.1Beta1

1.2.1RC1

1.2.2

1.2.3

2.*

2.0.0

2.0.0Alpha1

2.0.0Beta1

2.0.0RC1

2.0.0RC2

2.0.0RC3

2.0.1

2.0.1RC1

2.0.1RC2

2.1.0

2.1.0Beta1

2.1.0RC1

2.2.0

2.2.0Alpha1

2.2.0Alpha2

2.2.0Alpha3

2.2.0Beta1

2.2.0Beta2

2.2.0RC1

2.2.0RC2

2.2.0RC3

2.2.1

2.2.1RC1

2.2.1RC2

2.3.0

2.3.0Alpha1

2.3.0Alpha2

2.3.0RC1

2.3.0RC2

2.3.1

2.3.1Beta1

2.3.1RC1

2.3.1RC2

2.3.2

2.3.2RC1

2.3.2RC2

2.3.3

2.3.3Beta1

2.3.3RC1

2.3.3RC2

2.3.4

2.3.4RC1

2.3.5

2.3.5RC1

2.3.5RC2

2.3.6

2.3.6Beta1

2.3.6RC1

2.3.7

2.3.7Beta1

2.3.7RC1

2.3.8

2.3.8Beta1

2.3.8RC1

2.3.9

2.3.9RC1

2.3.9RC2

3.*

3.0.0Alpha1

3.0.0Alpha2