← voltar
CVE-2021-29246

CVE-2021-29246

EPSS 1.5%
BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. The attacker must craft a malicious plugin file with special characters to upload the file outside of the restricted directory.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://blog.btcpayserver.org/vulnerability-disclosure-v1-0-7-0/https://github.com/btcpayserver/btcpayserver/releases