CNNVD-202601-1031 Information

Jan 06, 2026 cve

CNNVD ID

CNNVD-202601-1031

CVE-2020-36910

CNNVD Published: 2026-01-06

Description (Chinese)

Cayin Signage Media Player是中国台湾凯音（Cayin）公司的一系列电子看板播放终端。 Cayin Signage Media Player 3.0版本存在操作系统命令注入漏洞，该漏洞源于system.cgi和wizard_system.cgi页面存在经过身份验证的远程命令注入漏洞，可能导致以root权限执行任意shell命令。

Description (English)

Cayin Signage Media Player is the end of a series of electronic board-playing terminals of the Chinese company Kayin. Version 3.0 of the Cayin Signage Media Player contains a loophole in the operating system commands, which originates from an identified remote command on the system.cgi and wizard system.cgi pages, which may lead to the execution of arbitrary shell orders with root privileges.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

凯音

Published

2026-01-06

Last Modified

2026-02-24

References

https://cxsecurity.com/issue/WLB-2020060049 https://exchange.xforce.ibmcloud.com/vulnerabilities/182924 https://packetstorm.news/files/id/157942 https://www.cayintech.com https://www.exploit-db.com/exploits/48557 https://www.vulncheck.com/advisories/cayin-signage-media-player-authenticated-remote-command-injection-via-ntp-parameter https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5569.php

Share on: