Security Advisory

CVE-2018-17984

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-04 23:00:00

Last updated 2024-08-05 11:01:14

Assigner mitre

State PUBLISHED

Description

An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access.

← Browse all CVEs View on cve.org ↗