PT-2018-9014 · Neojapan · Denbun

Published

2018-11-15

Updated

2018-12-17

CVE-2018-0686

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Denbun by NEOJAPAN Inc. versions V3.3P R4.0 and earlier Denbun by NEOJAPAN Inc. versions V3.3I R4.0 and earlier

Description The issue allows remote authenticated attackers to upload and execute any executable files.

Recommendations For Denbun by NEOJAPAN Inc. versions V3.3P R4.0 and earlier, restrict access to file upload functionality until a fix is available. For Denbun by NEOJAPAN Inc. versions V3.3I R4.0 and earlier, restrict access to file upload functionality until a fix is available.

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2018-0686

Affected Products

Denbun

PT-2018-9014 · Neojapan · Denbun

CVE-2018-0686

Weakness Enumeration

Related Identifiers

Affected Products

References · 5