PT-2018-4572 · Uptime · Up.Time Monitoring Station

Crash

Publicado

2018-08-27

Atualizado

2025-07-17

CVE-2015-9263

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Up.Time Monitoring Station versions 7.4.0 (build 13) through 7.5.0 (build 16)

Description An issue in post2file.php allows an attacker to upload arbitrary files, including .php files that can execute arbitrary OS commands.

Recommendations For versions 7.4.0 (build 13) through 7.5.0 (build 16), consider restricting access to the post2file.php script until a fix is available. As a temporary workaround, disabling the execution of uploaded files can help minimize the risk of exploitation.

Exploit

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2015-9263

Produtos afetados

Up.Time Monitoring Station

PT-2018-4572 · Uptime · Up.Time Monitoring Station

CVE-2015-9263

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5