THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2020-36639

AlliedModders AMX Mod X Console Command adminvote.sma cmdVoteMap path traversal

Assigner:VulDB (1af790b2-7ee1-4545-860a-a788eba489b5)
Reserved:2023-01-04
Published:2023-01-04
Updated:2024-06-10

Description

EN DE

A vulnerability has been found in AlliedModders AMX Mod X on Windows and classified as critical. This vulnerability affects the function cmdVoteMap of the file plugins/adminvote.sma of the component Console Command Handler. The manipulation of the argument amx_votemap leads to path traversal. The patch is identified as a5f2b5539f6d61050b68df8b22ebb343a2862681. It is recommended to apply a patch to fix this issue. VDB-217354 is the identifier assigned to this vulnerability.

In AlliedModders AMX Mod X für Windows wurde eine kritische Schwachstelle gefunden. Hierbei betrifft es die Funktion cmdVoteMap der Datei plugins/adminvote.sma der Komponente Console Command Handler. Mittels dem Manipulieren des Arguments amx_votemap mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Patch wird als a5f2b5539f6d61050b68df8b22ebb343a2862681 bezeichnet. Als bestmögliche Massnahme wird Patching empfohlen.



MEDIUM: 4.3CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
MEDIUM: 4.3CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
4.7CVSS:2.0/AV:A/AC:L/Au:M/C:P/I:P/A:P

Problem types

CWE-22 Path Traversal

Product status

Any version
affected

Timeline

2023-01-04:Advisory disclosed
2023-01-04:CVE reserved
2023-01-04:VulDB entry created
2023-01-28:VulDB entry last update

Credits

VulDB GitHub Commit Analyzer tool

References

https://vuldb.com/?id.217354 vdb-entry technical-description

https://vuldb.com/?ctiid.217354 signature permissions-required

https://github.com/alliedmodders/amxmodx/pull/823 issue-tracking

https://github.com/alliedmodders/amxmodx/commit/a5f2b5539f6d61050b68df8b22ebb343a2862681 patch

cve.org CVE-2020-36639

nvd.nist.gov CVE-2020-36639

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2020-36639