exploitDog

CVE-2014-0607

Опубликовано: 24 июл. 2014

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

Комментарий

CWE-434: Unrestricted Upload of File with Dangerous Type

Ссылки

http://support.attachmate.com/techdocs/2700.html
Vendor Advisory
http://support.attachmate.com/techdocs/2700.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:attachmate:verastream_process_designer:*:sp1:*:*:*:*:*:*

Версия до 6.0 (включая)

cpe:2.3:a:attachmate:verastream_process_designer:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06843

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5x62-f5vq-c3w4

github

больше 3 лет назад

Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

EPSS

Процентиль: 91%

0.06843

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other