Unrestricted File Upload Vulnerability in Sentrifugo 3.2
CVE-2020-26803 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server.
Learn more about our Cis Benchmark Audit For Server Software.