|Number of vulnerabilities||1|
Other software / Other software solutions
|Vendor||Michael Shihjay Chen|
This security bulletin contains one medium risk vulnerability.
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: NoDescription
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload in the practice logo upload feature. A remote user can upload a malicious file and execute it on the server.Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.Vulnerable software versions
Docker-NOSH: All versions
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?