CVE-2021-42675

CVE-2021-42675

EPSS 3.0%

Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://kreado.com http://kreasfero.com https://twitter.com/1ofThegutHakrs/status/1536246485188128768