← volver
CVE-2022-29623

CVE-2022-29623

EPSS 1.2%
An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/expressjs/connect-multiparty/releases/tag/2.2.0https://www.npmjs.com/package/connect-multipartyhttps://www.youtube.com/watch?v=i3xJR-91rrM