CVE-2025-48732
CVE-2025-48732
An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
WWBN · AVideoQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →