Описание
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimg_upload.jsp.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:zucchetti:ad_hoc_infinity:2.4:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00323
Низкий
7.3 High
CVSS3
Дефекты
CWE-98
Связанные уязвимости
CVSS3: 7.3
github
11 месяцев назад
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimg_upload.jsp.
EPSS
Процентиль: 55%
0.00323
Низкий
7.3 High
CVSS3
Дефекты
CWE-98