Main
Vulnerability Database
Exploits
ID:5659 - Exploit for Code Injection in Sentrifugo - CVE-2019-15813
ID:5659 - Exploit for Code Injection in Sentrifugo - CVE-2019-15813
Published: June 17, 2021
Vulnerability identifier: #VU35582
Vulnerability risk: High
CVE-ID: CVE-2019-15813
CWE-ID: CWE-94
Exploitation vector: Remote access
Vulnerable software:
Sentrifugo
Sentrifugo
Link to public exploit:
Vulnerability description
The vulnerability allows a remote authenticated user to execute arbitrary code.
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
Remediation
Install update from vendor's website.