Lucene search
HistorySep 28, 2015 - 4:59 p.m.
CVE-2015-3203
cve-2015-3203
file upload
vulnerability
h5ai
remote code execution
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.033 Low
EPSS
Percentile
91.4%
Unrestricted file upload vulnerability in h5ai before 0.25.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified by the href parameter.
Affected configurations
Node
h5ai_projecth5aiRange≤0.24.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| h5ai_project:h5ai | h5ai project h5ai | le | 0.24.1 |
Related
prion
prion
Unrestricted file upload
2015-09-28 16:59:00
cvelist
cvelist
CVE-2015-3203
2015-09-28 16:00:00
zdt
zdt
h5ai 0.25.0 - Unrestricted File Upload Exploit
2015-09-22 00:00:00
exploitpack
exploitpack
h5ai 0.25.0 - Unrestricted Arbitrary File Upload
2015-09-22 00:00:00
nvd
nvd
CVE-2015-3203
2015-09-28 16:59:00
exploitdb
exploitdb
h5ai < 0.25.0 - Unrestricted Arbitrary File Upload
2015-09-22 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.033 Low
EPSS
Percentile
91.4%
Related for CVE-2015-3203