Remote Code Execution Vulnerability in NASCENT RemKon Device Manager 4.0.0.0 Image Upload Feature

Remote Code Execution Vulnerability in NASCENT RemKon Device Manager 4.0.0.0 Image Upload Feature

CVE-2021-38613 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution.

Learn more about our Web Application Penetration Testing UK.