Olajowon

Name of the Vulnerable Software and Affected Versions: olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6 Description: A problematic issue has been found in olajowon Loggrove, affecting an unknown function of the file "/read/?page=1&logfile=LOG Monitor" in the Logfile Update Handler component. The manipulation of the argument path leads to path traversal, allowing for remote attacks. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6 Description: A critical vulnerability was found in olajowon Loggrove, affecting an unknown functionality of the file /read/?page=1&logfile=eee&match=. The manipulation of the argument path leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Recommendations: As a temporary workaround, consider restricting access to the /read/?page=1&logfile=eee&match= endpoint until a fix is available. Avoid using the `logfile` and `match` parameters in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.