← back
CVE-2020-5811

CVE-2020-5811

EPSS 9.4%
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package.
Affected products
n/a · Umbraco CMS
public PoCs found2
cve_referencepacketstormsecurity.com/files/163965/Umbraco-CMS-8.9.1-Traversal-Arbitrary-File-Write.htmlunverifiedexploitdbwww.exploit-db.com/exploits/50241unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/163965/Umbraco-CMS-8.9.1-Traversal-Arbitrary-File-Write.htmlhttps://www.tenable.com/security/research/tra-2020-59