Arbitrary File Upload Vulnerability in Gigamon GigaVUE 5.5.01.11
CVE-2020-12252 · MEDIUM Severity
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory, then it could yield remote code execution via the filename parameter.
Learn more about our User Device Pen Test.