CVE-2020-7847
7.4
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. This issue affects: pTIME NAS 1.4.36.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| EFM Networks | ipTIME NAS | 1.4.36 | affected |
Weaknesses
- CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.