6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.0%
EasyCTF is a server side CGI used to score CTF (Capture The Flag). EasyCTF contains a vulnerability that may allow a remote attacker to create arbitrary files (CWE-22).
An arbitrary file created by an attacker may result in arbitrary code being executed on the server.
Update the Software
Update to the latest version according to the information provided by the developer.