CVE CVE-2020-15188 Mappings

SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-15188 soycms primary_impact T1059 Command and Scripting Interpreter
CVE-2020-15188 soycms exploitation_technique T1133 External Remote Services