Security Advisory

CVE-2019-10267

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-26 20:53:37

Last updated 2024-08-04 22:17:19

Assigner mitre

State PUBLISHED

Description

An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One can insert a JSP shell into the web servers directory and execute it. This leads to full access to the system, as the configured user (e.g., Administrator).

← Browse all CVEs View on cve.org ↗