Описание
JEUS 7 Fix#05 and JEUS 8Fix#01 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:tmaxsoft:jeus:7:fix_0:*:*:*:*:*:*
cpe:2.3:a:tmaxsoft:jeus:7:fix_5:*:*:*:*:*:*
cpe:2.3:a:tmaxsoft:jeus:8:fix_0:*:*:*:*:*:*
cpe:2.3:a:tmaxsoft:jeus:8:fix_1:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01955
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file.
EPSS
Процентиль: 83%
0.01955
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-22