Описание
i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that allows authenticated attackers to delete arbitrary files by manipulating the delete_import parameter. Attackers can send a POST request to the import module with a crafted filename to remove files from the server's filesystem.
EPSS
Процентиль: 15%
0.00049
Низкий
8.8 High
CVSS3
Дефекты
CWE-73
Связанные уязвимости
CVSS3: 8.8
github
4 дня назад
i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that allows authenticated attackers to delete arbitrary files by manipulating the delete_import parameter. Attackers can send a POST request to the import module with a crafted filename to remove files from the server's filesystem.
EPSS
Процентиль: 15%
0.00049
Низкий
8.8 High
CVSS3
Дефекты
CWE-73