NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02 | Mitigation Third Party Advisory US Government Resource |
Configurations
History
No history.
Information
Published : 2018-11-27 20:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-17936
Mitre link : CVE-2018-17936
CVE.ORG link : CVE-2018-17936
JSON object : View
Products Affected
nuuo
- nuuo_cms
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type