Path Traversal Vulnerability in Maarch RM 2.5 Allows Remote File Overwrite and Denial of Service

Path Traversal Vulnerability in Maarch RM 2.5 Allows Remote File Overwrite and Denial of Service

CVE-2019-15855 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

An issue was discovered in Maarch RM before 2.5. A path traversal vulnerability allows an unauthenticated remote attacker to overwrite any files with a crafted POST request if the default installation procedure was followed. This results in a permanent Denial of Service.

Learn more about our Web Application Penetration Testing UK.