Arbitrary File Upload Vulnerability in NUUO CMS (Versions 3.3 and Prior)

Arbitrary File Upload Vulnerability in NUUO CMS (Versions 3.3 and Prior)

CVE-2018-17936 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution.

Learn more about our Cis Benchmark Audit For Server Software.