CVE-2020-8654

An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt