Security Advisory

CVE-2022-1648

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-26 14:24:32

Last updated 2024-09-16 19:47:11

Assigner INCIBE

State PUBLISHED

Description

Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended images directory which is restricted to execute the .php file. The impact could lead to a Remote Code Execution with running application privilege.

← Browse all CVEs View on cve.org ↗