virus logo Intrusion Prevention

Teampass.upload.files.php.Arbitrary.File.Upload

description-logoDescription

This indicates an attack attempt to exploit a remote Code Execution vulnerability in Teampass.
The vulnerability is due to a lack of input validation when processing file uploading HTTP requests. An attacker can exploit this to execute arbitrary code within the context of the target application, via a crafted request.

affected-products-logoAffected Products

Teampass.net Teampass prior to 2.1.26.4

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary code within the context of the target application.

recomended-action-logoRecommended Actions

Apply the latest patch from the vendor.
https://github.com/nilsteampassnet/TeamPass/commit/4212d040ec079ea0e010a07626795b018f2f4e7e

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://github.com/nilsteampassnet/TeamPass/commit/4212d040ec079ea0e010a07626795b018f2f4e7e https://www.vulnerability-lab.com/get_content.php?id=1866
ID 43437
Created Nov 25, 2016
Updated May 04, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Other
Affected App Other