Описание
An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary system commands via a malicious file by controlling the destination file path.
Уязвимые конфигурации
Конфигурация 1Версия до 10.11 (исключая)
cpe:2.3:a:sun.net:ehrd_ctms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00136
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-73
Связанные уязвимости
CVSS3: 9.8
github
5 месяцев назад
An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary system commands via a malicious file by controlling the destination file path.
EPSS
Процентиль: 34%
0.00136
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-73