Security Advisory

CVE-2023-38029

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-28 05:59:47

Last updated 2024-10-03 16:16:59

Assigner twcert

State PUBLISHED

Description

Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. A unauthenticate remote attacker authenticated can upload and execute arbitrary files to perform arbitrary system commands or disrupt service.

← Browse all CVEs View on cve.org ↗