CVE-2024-28269

CVSS 7.2 HIGHEPSS 1.0%CWE-434

ReCrystallize Server 5.10.0.0 allows administrators to upload files to the server. The file upload is not restricted, leading to the ability to upload of malicious files. This could result in a Remote Code Execution.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/https://www.recrystallize.com/merchant/ReCrystallize-Server-for-Crysta