PT-2017-13387 · Mirasvit · Mirasvit Helpdesk Mx
Publicado
2017-09-21
·
Atualizado
2017-10-04
·
CVE-2017-14320
CVSS v3.1
8.0
Alta
| Vetor | AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Mirasvit Helpdesk MX versions prior to 1.5.3
Description
The issue is related to the failure to filter uploaded files, which might allow remote attackers to execute arbitrary code.
Recommendations
For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue. As a temporary workaround, consider restricting file uploads until the update is applied.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mirasvit Helpdesk Mx