PT-2023-7872 · Unknown · Itpison Omicard Edm
Vtim
·
Published
2023-11-16
·
Updated
2023-12-22
·
CVE-2023-48371
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
ITPison OMICARD EDM (affected versions not specified)
Description
The file uploading function in ITPison OMICARD EDM does not restrict the upload of files with dangerous types. An unauthenticated remote attacker can exploit this issue to upload and run arbitrary executable files, allowing them to perform arbitrary system commands or disrupt service.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Itpison Omicard Edm