Описание
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.
Дополнительная информация
Статус:
Critical
Дефект:
CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=2390826Securden-Unified-PAM: Securden Unified PAM Path Traversal In File Upload
Связанные уязвимости
CVSS3: 9.4
nvd
6 месяцев назад
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.
CVSS3: 9.4
github
6 месяцев назад
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.