PT-2018-14957 · Codiad · Codiad

Hexifeo

Published

2018-11-21

Updated

2022-02-19

CVE-2018-19423

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Codiad version 2.8.4

Description The issue allows remote authenticated administrators to execute arbitrary code by uploading an executable file.

Recommendations For version 2.8.4, update to a newer version that contains a fix for this issue, or as a temporary workaround, consider restricting file upload capabilities to prevent the execution of arbitrary code.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2018-19423

Affected Products

Codiad

PT-2018-14957 · Codiad · Codiad

CVE-2018-19423

Weakness Enumeration

Related Identifiers

Affected Products

References · 6