Unrestricted Upload Vulnerability in BlogEngine.Net 3.3.8.0 and Earlier

Unrestricted Upload Vulnerability in BlogEngine.Net 3.3.8.0 and Earlier

CVE-2023-33404 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.

Learn more about our Web Application Penetration Testing UK.