CVE-2020-1948 is a vulnerability in Apache Dubbo
Published on July 14, 2020
This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An attacker can send RPC requests with unrecognized service name or method name along with some malicious parameter payloads. When the malicious parameter is deserialized, it will execute some malicious code. More details can be found below.
Products Associated with CVE-2020-1948
Want to know whenever a new CVE is published for Apache Dubbo? stack.watch will email you.
Exploit Probability
EPSS
63.60%
Percentile
98.39%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.