Unrestricted File Upload Vulnerability in Pandora FMS: Allowing Code Execution via PHP File Uploads

Unrestricted File Upload Vulnerability in Pandora FMS: Allowing Code Execution via PHP File Uploads

CVE-2023-41788 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allows attackers to execute code via PHP file uploads. This issue affects Pandora FMS: from 700 through 773.

Learn more about our Web Application Penetration Testing UK.