An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.
References
Link | Resource |
---|---|
http://extensis.com | Product |
http://portfolio.com | Not Applicable |
https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/ | Exploit Third Party Advisory |
http://extensis.com | Product |
http://portfolio.com | Not Applicable |
https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/ | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 06:50
Type | Values Removed | Values Added |
---|---|---|
References | () http://extensis.com - Product | |
References | () http://portfolio.com - Not Applicable | |
References | () https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/ - Exploit, Third Party Advisory |
Information
Published : 2022-03-01 23:15
Updated : 2024-11-21 06:50
NVD link : CVE-2022-24252
Mitre link : CVE-2022-24252
CVE.ORG link : CVE-2022-24252
JSON object : View
Products Affected
extensis
- portfolio
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type