SEOPanel 4.6.0 Authenticated File Upload Remote Code Execution Vulnerability

SEOPanel 4.6.0 Authenticated File Upload Remote Code Execution Vulnerability

CVE-2020-27461 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel>Import website function.

Learn more about our Web App Pen Testing.