PT-2019-9876 · Westermo · Westermo Dr-260+1
Simon Brackenridge
·
Publicado
2019-05-24
·
Atualizado
2019-05-28
·
CVE-2018-19612
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Westermo DR-250 versions Pre-5162
Westermo DR-260 versions Pre-5162
Description
The issue concerns the /uploadfile functionality, which allows remote users to upload malicious file types and execute ASP code.
Recommendations
For Westermo DR-250 version Pre-5162, update to a version post-5162 to resolve the issue.
For Westermo DR-260 version Pre-5162, update to a version post-5162 to resolve the issue.
As a temporary workaround, consider restricting access to the /uploadfile functionality until a patch is available.
Exploit
Correção
Unrestricted File Upload
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Westermo Dr-250
Westermo Dr-260