Описание
An issue was discovered in the firmware update form in Socomec REMOTE VIEW PRO 2.0.41.4. An authenticated attacker can bypass a client-side file-type check and upload arbitrary .php files.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:socomec:remote_view_pro_firmware:2.0.41.4:*:*:*:*:*:*:*
cpe:2.3:h:socomec:remote_view_pro:-:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00706
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-434
Связанные уязвимости
github
около 4 лет назад
An issue was discovered in the firmware update form in Socomec REMOTE VIEW PRO 2.0.41.4. An authenticated attacker can bypass a client-side file-type check and upload arbitrary .php files.
EPSS
Процентиль: 72%
0.00706
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-434