Authenticated Remote Code Execution via Command Injection in Pydio 4.2.1 through 8.2.1

Authenticated Remote Code Execution via Command Injection in Pydio 4.2.1 through 8.2.1

CVE-2018-14772 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution vulnerability in which an attacker with administrator access to the web application can execute arbitrary code on the underlying system via Command Injection.

Learn more about our Web App Pen Testing.