CVE-2020-15349

EPSS 0.19% · P40 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-15349

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process (copy, move, delete) as root and changing permissions.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Binarynights Forklift 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Binarynights Forklift是美国Binarynights公司的一个文件资源管理软件。该软件参考了FINDER文件管理器，并且可直接管理 FTP/SFTP/WebDAV、Amazon S3、iDisk、BLUETOOH 等资源。 BinaryNights ForkLift 3.x系列3.4之前版本存在安全漏洞，该漏洞源于有一个本地权限升级漏洞，因为特权助手工具实现了一个XPC接口，允许文件操作作为根进程(复制、移动、删除)和更改权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2020-15349

#	POC Description	Source Link	Shenlong Link
1	Vulnerability Description of CVE-2020-15349	https://github.com/Traxes/Forklift_LPE	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-15349

请登录查看更多情报信息。

https://binarynights.com/blog/posts/forklift-3-4-security-update.htmlx_refsource_CONFIRM
https://insinuator.net/2020/11/forklift-lpe/x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-15349

Same Patch Batch · n/a · 2020-11-17 · 39 CVEs total

CVE-2020-7774	7.3 HIGH	Prototype Pollution
CVE-2020-25746		Resourcexpress Qubi3 信息泄露漏洞
CVE-2020-13958		Apache OpenOffice 安全漏洞
CVE-2020-21665		fastadmin SQL注入漏洞
CVE-2020-27553		Basetech Ge-131 Bt-1837836 路径遍历漏洞
CVE-2020-27554		Basetech Ge-131 Bt-1837836 安全漏洞
CVE-2020-25798		LimeSurvey 跨站脚本漏洞
CVE-2020-27555		Basetech Ge-131 Bt-1837836 安全漏洞
CVE-2020-27556		Basetech Ge-131 Bt-1837836 安全漏洞
CVE-2020-27557		Basetech Ge-131 Bt-1837836 安全漏洞
CVE-2020-27558		Basetech Ge-131 Bt-1837836 授权问题漏洞
CVE-2020-26701		Kaaproject Kaa IoT Platform 跨站脚本漏洞
CVE-2020-28687		Code Projects Artworks Gallery 代码问题漏洞
CVE-2020-28688		Code Projects Artworks Gallery 代码问题漏洞
CVE-2020-28647		Progress Software MOVEit Transfer 跨站脚本漏洞
CVE-2020-27192		Binarynights Forklift 代码注入漏洞
CVE-2020-10776		Red Hat Keycloak 跨站脚本漏洞
CVE-2020-25705		Linux kernel 安全特征问题漏洞
CVE-2020-14389		Red Hat Single Sign-On 安全漏洞
CVE-2020-28129		SourceCodester Gym Management System 跨站脚本漏洞

Showing top 20 of 39 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2020-15349

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-15349

I. Basic Information for CVE-2020-15349

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-15349

III. Intelligence Information for CVE-2020-15349

Same Patch Batch · n/a · 2020-11-17 · 39 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-15349

Leave a comment