Description
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
References
- Broken Link
- Broken Link
- Vendor Advisory
- Vendor Advisory, Release Notes
Vulnerable configurations
Configuration 1: versions before 1.33.4 (exclusive)
cpe:2.3:a:directadmin:directadmin:*:*:*:*:*:*:*:*
EPSS
Percentile: 24%
0.00082
Low
6.9 Medium
CVSS2
Weaknesses
CWE-59
Related vulnerabilities
github
almost 4 years ago
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action.
EPSS
Percentile: 24%
0.00082
Low
6.9 Medium
CVSS2
Weaknesses
CWE-59