CVE-2020-36911 | THREATINT

Description

Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and upload custom DLL payloads to execute arbitrary commands on the target system.

PUBLISHED Reserved 2026-01-03 | Published 2026-01-13 | Updated 2026-01-14 | Assigner VulnCheck

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Use of Hard-coded Credentials

Product status

0.1.3 (semver)

affected

Credits

coastal finder

References

github.com/...c/covenant_rce/blob/master/covenant_jwt_rce.rb exploit

web.archive.org/...ttps://blog.null.farm/hunting-the-hunters exploit

www.exploit-db.com/exploits/51141 (ExploitDB-51141) exploit

cobbr.io/Covenant.html (Vendor Homepage) product

github.com/cobbr/Covenant (Covenant GitHub Repository) product

web.archive.org/...ttps://blog.null.farm/hunting-the-hunters (Archived Researcher Blog) technical-description exploit

github.com/...c/covenant_rce/blob/master/covenant_jwt_rce.rb (Exploit Repository) exploit

web.archive.org/...r.com/cobbr_io/status/1316058367161401344 (Archived Maintainer Patch Announcement) vendor-advisory patch

www.vulncheck.com/...ries/covenant-remote-code-execution-rce (VulnCheck Advisory: Covenant 0.5 - Remote Code Execution (RCE)) third-party-advisory

cve.org (CVE-2020-36911)

nvd.nist.gov (CVE-2020-36911)

Download JSON