top of page
perceptive_background_267k.jpg

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can e…

Published:

4 februari 2026 om 23:00:00

Alert date:

5 februari 2026 om 18:08:45

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

CVE-2020-37123 affects Pinger 1.0, a network utility tool. The vulnerability allows remote code execution through command injection in the ping and socket parameters. Attackers can exploit unsanitized input in ping.php to inject shell commands using metacharacters. This enables arbitrary PHP file creation and system command execution. The vulnerability provides complete system compromise capabilities to remote attackers.

Technical details

Mitigation steps:

Affected products:

Pinger

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2020-37123
https://github.com/wcchandler/pinger
https://www.exploit-db.com/exploits/48323
https://www.vulncheck.com/advisories/pinger-remote-code-execution

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page