Detections
Analytics

CVE-2020-37027

critical

Description

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the vulnerable Sickbeard installation.

References

https://www.vulncheck.com/advisories/sickbeard-remote-command-injection

https://www.exploit-db.com/exploits/48646

https://web.archive.org/web/20190722085652/https://sickbeard.com/

https://github.com/midgetspy/Sick-Beard

Details

Source: Mitre, NVD

Published: 2026-01-30

Updated: 2026-01-30

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

CVSS v4

Base Score: 9.3

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Severity: Critical

EPSS

EPSS: 0.00508