Relative Path Traversal to Remote Code Execution

huntr report 28ECD3FA-F05D-446F-B7FA-13C23EA548B1
Published: 2022-02-20 16:15:32
Author: faisalfs10x
Source: www.huntr.dev

CVSS3: 7.2 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS2: 5.8 Medium

Access Vector: NETWORK
Access Complexity: LOW
Authentication: MULTIPLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

AV:N/AC:L/Au:M/C:P/I:P/A:P

EPSS: 0.005 Low
Percentile: 73.5%

Description

Pandora FMS v7.0NG.759 allows relative path traversal in the File Manager: a privileged user can upload a .php file outside the intended images directory, the directory in which execution of .php files is restricted. This can lead to Remote Code Execution with the privileges of the running application.

Proof of Concept

Affected version: Pandora FMS v7.0NG.759 - OUM 759 - MR 51
Affected component: Console
Affected endpoint:

POST http://$HOST/pandora_console/index.php?sec=gsetup&sec2=godmode/setup/file_manager

~

Request file passwd: X4v9W4qP87

Impact

This vulnerability allows execution of OS commands with the privileges of the running application.
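
One way to enforce the containment that the File Manager upload described above lacked, as an added example that is not Pandora FMS code. The helper name resolve_upload_target(), the demo directory layout and the image extension allow-list are assumptions made for illustration.

```php
<?php
// Added illustration; resolve_upload_target() is a hypothetical helper, not Pandora FMS code.
function resolve_upload_target(string $baseDir, string $subDir, string $fileName): string
{
    $base = realpath($baseDir);
    if ($base === false || !is_dir($base)) {
        throw new RuntimeException('upload base directory is missing');
    }
    // realpath() collapses "..", "." and symlinks, and returns false for a
    // directory that does not exist, so the check runs on the canonical path.
    $dir = realpath($base . DIRECTORY_SEPARATOR . $subDir);
    if ($dir === false || !is_dir($dir)) {
        throw new InvalidArgumentException('target directory does not exist');
    }
    // Compare with a trailing separator so "/images_old" is not accepted as
    // a child of "/images".
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($dir . DIRECTORY_SEPARATOR, $prefix, strlen($prefix)) !== 0) {
        throw new InvalidArgumentException('target directory escapes the upload base');
    }
    // Keep only the final path component of the client-supplied file name.
    $name = basename(str_replace('\\', '/', $fileName));
    if ($name === '' || $name === '.' || $name === '..') {
        throw new InvalidArgumentException('invalid file name');
    }
    // Assumed allow-list for an images directory; anything else is refused.
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if (!in_array($ext, ['png', 'jpg', 'jpeg', 'gif'], true)) {
        throw new InvalidArgumentException('file type not allowed');
    }
    return $dir . DIRECTORY_SEPARATOR . $name;
}

// Constructed demo tree standing in for the console's images directory.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'fm_demo_' . bin2hex(random_bytes(4));
mkdir($root . '/images/custom', 0700, true);
$cases = [['custom', 'logo.png'], ['../', 'logo.png'], ['custom', 'report.php']];
foreach ($cases as [$subDir, $fileName]) {
    try {
        echo 'accepted: ', resolve_upload_target($root . '/images', $subDir, $fileName), "\n";
    } catch (InvalidArgumentException $e) {
        echo "rejected ($subDir, $fileName): ", $e->getMessage(), "\n";
    }
}
```

The directory check and the extension check are independent layers: the first keeps uploads inside the directory where PHP execution is restricted, the second keeps script files out even if that restriction is later loosened.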
