In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-11-12T18:52:45
Updated: 2024-08-04T16:03:22.715Z
Reserved: 2020-10-07T00:00:00
Link: CVE-2020-26803
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-11-12T19:15:14.910
Modified: 2020-11-17T15:42:57.680
Link: CVE-2020-26803
Redhat
No data.