PT-2018-4572 · Uptime · Up.Time Monitoring Station
Crash
+4
·
Published
2018-08-27
·
Updated
2025-07-17
·
CVE-2015-9263
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Up.Time Monitoring Station versions 7.4.0 (build 13) through 7.5.0 (build 16)
Description
An issue in post2file.php allows an attacker to upload arbitrary files, including .php files that can execute arbitrary OS commands.
Recommendations
For versions 7.4.0 (build 13) through 7.5.0 (build 16), consider restricting access to the post2file.php script until a fix is available. As a temporary workaround, disabling the execution of uploaded files can help minimize the risk of exploitation.
Exploit
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Up.Time Monitoring Station