PT-2023-7872 · Unknown · Itpison Omicard Edm

Vtim

Publicado

2023-11-16

Atualizado

2023-12-22

CVE-2023-48371

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ITPison OMICARD EDM (affected versions not specified)

Description The file uploading function in ITPison OMICARD EDM does not restrict the upload of files with dangerous types. An unauthenticated remote attacker can exploit this issue to upload and run arbitrary executable files, allowing them to perform arbitrary system commands or disrupt service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

BDU:2023-08943

CVE-2023-48371

Produtos afetados

Itpison Omicard Edm

PT-2023-7872 · Unknown · Itpison Omicard Edm

CVE-2023-48371

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8