CVE-2021-32538

Summary

ARTWARE CMS parameter of image upload function does not filter the type of upload files which allows remote attackers can upload arbitrary files without logging in, and further execute code unrestrictedly.

Affected Software

VendorProductVersion RangeStatus
ARTWARECMSunspecified <= 2021/1/8affected

Weaknesses

  • CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

References