Arbitrary File Upload Vulnerability in MCMS 5.2.7 Allows Remote Code Execution via Crafted ZIP File

Arbitrary File Upload Vulnerability in MCMS 5.2.7 Allows Remote Code Execution via Crafted ZIP File

CVE-2022-30506 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file.

Learn more about our Cms Pen Testing.