Arbitrary Command Execution Vulnerability in UCMS v1.4.8's fopen() Function

Arbitrary Command Execution Vulnerability in UCMS v1.4.8's fopen() Function

CVE-2020-25483 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.

Learn more about our Cis Benchmark Audit For Server Software.