ReadyDesk.Unrestricted.Arbitrary.File.Upload
Description
This indicates an attack attempt to exploit an Arbitrary File Upload Vulnerability in ReadyDesk.
The vulnerability is due to an design flaw in the vulnerable application when handling a file upload request without authentication. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via upload an arbitrary file without any authentication.
Affected Products
ReadyDesk version 9.1
Impact
System Compromise: Remote attackers can execute arbitrary command execution under the security context of the root user.
Recommended Actions
From the vendor, apply the upgrade to version 9.2 or above.
http://readydesk.com/news.asp?ID=88
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-06-06 | 14.627 | Severity:high:critical |