exploitDog

CVE-2024-46625

Опубликовано: 03 дек. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file.

Ссылки

https://github.com/EchoSl0w/Research/blob/main/2024/CVE-2024-46625.md

EPSS

Процентиль: 47%

0.00241

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-prj7-gm8m-736f

CVSS3: 8.8

github

около 1 года назад

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file.

EPSS

Процентиль: 47%

0.00241

Низкий

8.8 High

CVSS3

Дефекты

CWE-434