CVE-2018-15537

CVE-2018-15537

EPSS 5.0%

Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/150330/OCS-Inventory-NG-ocsreports-Shell-Upload.html http://seclists.org/fulldisclosure/2018/Nov/40