An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-94 | |
Metrics |
cvssV3_1
|
Thu, 19 Sep 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-19T00:00:00
Updated: 2024-09-19T19:29:09.450Z
Reserved: 2024-07-05T00:00:00
Link: CVE-2024-40125
Vulnrichment
Updated: 2024-09-19T19:18:28.253Z
NVD
Status : Received
Published: 2024-09-19T19:15:24.350
Modified: 2024-09-19T20:35:24.513
Link: CVE-2024-40125
Redhat
No data.