CVE-2022-50893

Name of the Vulnerable Software and Affected Versions VIAVIWEB Wallpaper Admin version 1.0

Description The software contains an unauthenticated remote code execution issue in the image upload functionality. An attacker can upload a malicious PHP file through the ''add gallery image.php'' endpoint, allowing for arbitrary code execution on the server. The vulnerable parameter is the uploaded file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.