CVE-2020-8086

EPSS 0.67% · P71 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-8086

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

mod_auth_ldap 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

mod_auth_ldap和mod_auth_ldap2 2020-01-27及之前版本（用于Prosody）中存在安全漏洞，该漏洞源于程序没有正确验证发送给‘is_admin()’函数的XMPP地址。远程攻击者可利用该漏洞访问仅管理员可访问的功能。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2020-8086

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-8086

请登录查看更多情报信息。

https://hg.prosody.im/prosody-modules/log/tip/mod_auth_ldap2/mod_auth_ldap2.luax_refsource_MISC
https://prosody.im/security/advisory_20200128/x_refsource_CONFIRM
https://www.debian.org/security/2020/dsa-4612vendor-advisoryx_refsource_DEBIAN
https://seclists.org/bugtraq/2020/Feb/5mailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2020-8086

Same Patch Batch · n/a · 2020-01-28 · 53 CVEs total

CVE-2014-2897		wolfSSL CyaSSL 缓冲区错误漏洞
CVE-2019-10779		Gchq stroom 跨站脚本漏洞
CVE-2019-10770		Ratpack 跨站脚本漏洞
CVE-2020-7799		FusionAuth 注入漏洞
CVE-2019-5466		GitLab 信息泄露漏洞
CVE-2020-7997		ASUS WRT-AC66U 3 RT 跨站脚本漏洞
CVE-2020-7998		Super File Explorer 代码问题漏洞
CVE-2019-15607		NodeRed npm 跨站脚本漏洞
CVE-2014-2906		fish 竞争条件错误漏洞
CVE-2014-2896		wolfSSL CyaSSL 缓冲区错误漏洞
CVE-2014-3856		fish 竞争条件问题漏洞
CVE-2014-2898		wolfSSL CyaSSL 缓冲区错误漏洞
CVE-2013-4865		MiCasaVerde VeraLite 跨站请求伪造漏洞
CVE-2013-4864		MiCasaVerde VeraLite 代码问题漏洞
CVE-2013-4863		MiCasaVerde VeraLite 授权问题漏洞
CVE-2013-4862		MiCasaVerde VeraLite 安全漏洞
CVE-2013-4861		MiCasaVerde VeraLite 路径遍历漏洞
CVE-2012-6610		Polycom HDX和UC APLPolycom 操作系统命令注入漏洞
CVE-2012-6609		Polycom HDX Video End Point和UC APLPolycom 路径遍历漏洞
CVE-2015-7851		NTP 路径遍历漏洞

Showing top 20 of 53 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2020-8086

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-8086

I. Basic Information for CVE-2020-8086

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-8086

III. Intelligence Information for CVE-2020-8086

Same Patch Batch · n/a · 2020-01-28 · 53 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-8086

Leave a comment