PT-2023-28109 · Unknown · Pandora Fms

Published: 2023-11-23 · Updated: 2023-11-30 · CVE-2023-41812

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 773

Description: The issue allows unrestricted upload of files with dangerous types, specifically PHP executable files, through the file manager. This is possible because access to the functionality is not properly constrained by ACLs.

Recommendations: For versions 700 through 773, update to a version that properly constrains access to functionality by ACLs to prevent the upload of dangerous file types. As a temporary workaround, consider restricting access to the file manager to minimize the risk of exploitation.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers: CVE-2023-41812

Affected Products: Pandora Fms