Vulnerability identifier: #VU64686
Vulnerability risk: High
Exploitation vector: Network
Exploit availability: No
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to controls limiting uploads to certain file extensions may be bypassed. A remote attacker can intercept the initial file upload page response and modify the associated code, leading to arbitrary file upload.
Install update from vendor's website.
Vulnerable software versions
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?