Main Vulnerability Database Exploits ID:4767 - Exploit for Code Injection in Sentrifugo - CVE-2019-15813

ID:4767 - Exploit for Code Injection in Sentrifugo - CVE-2019-15813

Published: October 28, 2020

Vulnerability identifier: #VU35582

Vulnerability risk: High

CVE-ID: CVE-2019-15813

CWE-ID: CWE-94

Exploitation vector: Remote access

Vulnerable software:
Sentrifugo

Link to public exploit:

The vulnerability allows a remote authenticated user to execute arbitrary code.

Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.

Install update from vendor's website.