CVEs-PoC/2020/CVE-2020-25565.md

### [CVE-2020-25565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25565)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server.

### POC

#### Reference
- https://vuln.shellcoder.party/2020/09/19/cve-2020-25565-sapphireims-unprivileged-user-remote-command-execution-on-server/

#### Github
No PoCs found on GitHub currently.