Описание
In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:afian:filerun:2022.02.02:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08286
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.
EPSS
Процентиль: 92%
0.08286
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo