CVE-2020-27575

8.8 HIGH

📋 TL;DR

CVE-2020-27575 is a command injection vulnerability in Maxum Rumpus web administration that allows authenticated administrators to execute arbitrary commands on the server. This affects Rumpus versions 8.2.13 and 8.2.14. Attackers with admin access can exploit this to gain full control of the affected system.

💻 Affected Systems

Products:
  • Maxum Rumpus
Versions: 8.2.13 and 8.2.14
Operating Systems: All platforms running Rumpus
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin access to the web administration interface. The vulnerability is in the user management functionality.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise allowing attackers to execute arbitrary commands with server privileges, install malware, exfiltrate data, or pivot to other systems.

🟠 Likely Case

Attackers with compromised admin credentials or existing access can execute commands to steal data, install backdoors, or disrupt services.

🟢 If Mitigated

With proper network segmentation and admin credential protection, impact is limited to an isolated server compromise.

🌐 Internet-Facing: HIGH if the Rumpus admin interface is exposed to the internet, as authenticated attackers can execute arbitrary commands.
🏢 Internal Only: HIGH, as any internal attacker with admin access can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin credentials. Public technical details and proof-of-concept are available in the referenced GitHub pages.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 8.2.15 or later

Vendor Advisory: http://maxum.com

Restart Required: Yes

Instructions:

1. Download Rumpus 8.2.15 or later from the Maxum website.
2. Back up the current configuration.
3. Install the updated version.
4. Restart the Rumpus service.
5. Verify functionality.

🔧 Temporary Workarounds

Restrict Admin Access

Applies to: all platforms

Limit access to the Rumpus admin interface to trusted IP addresses only.

Disable User Management

Applies to: all platforms

Temporarily disable user management functionality if it is not required.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Rumpus server from critical systems
  • Enforce strong authentication and monitor admin account activity for suspicious behavior

🔍 How to Verify

Check if Vulnerable:

Check Rumpus version in admin interface or configuration files. Versions 8.2.13 or 8.2.14 are vulnerable.

Check Version:

Check Rumpus admin dashboard or configuration files for version information

Verify Fix Applied:

Verify Rumpus version is 8.2.15 or later. Test user management functionality to ensure commands cannot be injected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution in system logs
  • Multiple failed admin login attempts followed by successful login
  • Suspicious user management activities

Network Indicators:

  • Unusual outbound connections from Rumpus server
  • Traffic to command and control servers

SIEM Query:

source="rumpus" AND (event="command_execution" OR event="user_modified")
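The version check from "How to Verify" and the log indicators above, as an added example that is not part of the advisory or of Maxum's software. The log layout, event names and sample lines are constructed for illustration; Rumpus's real log format is not given on this page.

```python
import re
from collections import defaultdict

# Versions named in the advisory: 8.2.13 and 8.2.14 affected, 8.2.15 fixed.
AFFECTED = {(8, 2, 13), (8, 2, 14)}
FIXED = (8, 2, 15)


def version_status(version):
    """Classify a dotted Rumpus version string against the advisory's ranges."""
    parsed = tuple(int(p) for p in version.strip().split("."))
    if parsed in AFFECTED:
        return "vulnerable"
    if parsed >= FIXED:
        return "fixed"
    return "not in advisory range"


# Constructed (hypothetical) admin-interface log layout:
# "<timestamp> <source_ip> <event> user=<name> [key=value ...]"
LOG_RE = re.compile(r"^(\S+) (\S+) (\w+) user=(\S+)(?: (.*))?$")


def find_indicators(lines, trusted_ips, failure_threshold=3):
    """Return (source_ip, reason) pairs for two advisory indicators: repeated failed
    admin logins followed by success, and user-management changes from untrusted IPs."""
    failures = defaultdict(int)
    hits = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue  # ignore lines that do not fit the expected layout
        _ts, ip, event, user, detail = match.groups()
        if event == "login_failed":
            failures[ip] += 1
        elif event == "login_ok":
            if failures[ip] >= failure_threshold:
                hits.append((ip, f"{failures[ip]} failed logins then success as {user}"))
            failures[ip] = 0  # reset the counter after a successful login
        elif event == "user_modified" and ip not in trusted_ips:
            hits.append((ip, f"user-management change from untrusted address ({detail})"))
    return hits


# Constructed sample: an untrusted host brute-forces admin, then edits a user account.
SAMPLE_LOG = [
    "2020-11-01T10:00:01 203.0.113.5 login_failed user=admin",
    "2020-11-01T10:00:04 203.0.113.5 login_failed user=admin",
    "2020-11-01T10:00:07 203.0.113.5 login_failed user=admin",
    "2020-11-01T10:00:09 203.0.113.5 login_ok user=admin",
    "2020-11-01T10:01:00 203.0.113.5 user_modified user=admin target=bob",
    "2020-11-01T11:00:00 10.0.0.2 user_modified user=admin target=alice",
]
```

Running `find_indicators(SAMPLE_LOG, trusted_ips={"10.0.0.2"})` flags only the 203.0.113.5 activity; the change made from the trusted address is left alone.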
