Lucene search
HistoryMay 31, 2011 - 8:55 p.m.
CVE-2011-1329
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.013 Low
EPSS
Percentile
86.2%
WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly restrict file uploads, which allows remote attackers to execute arbitrary PHP code via vectors involving a double extension, as demonstrated by a .php.zzz file.
Affected configurations
Node
walrus_digitwalrackMatch1.0.1
ORwalrus_digitwalrackMatch1.1.1
ORwalrus_digitwalrackMatch1.1.2
ORwalrus_digitwalrackMatch1.1.3
ORwalrus_digitwalrackMatch1.1.4
ORwalrus_digitwalrackMatch1.1.5
ORwalrus_digitwalrackMatch1.1.6
ORwalrus_digitwalrackMatch1.1.7
ORwalrus_digitwalrackMatch1.1.8
ORwalrus_digitwalrackMatch2.0.1
ORwalrus_digitwalrackMatch2.0.2
ORwalrus_digitwalrackMatch2.0.3
ORwalrus_digitwalrackMatch2.0.4
ORwalrus_digitwalrackMatch2.0.5
ORwalrus_digitwalrackMatch2.0.6
Related
cvelist
cvelist
CVE-2011-1329
2011-05-31 20:00:00
CVE-2011-2215
2011-05-31 20:00:00
cve
cve
CVE-2011-1329
2011-05-31 20:55:02
CVE-2011-2215
2011-05-31 20:55:05
jvn
jvn
JVN#46984044: WalRack upload file handilng vulnerability
2011-05-26 00:00:00
prion
prion
Code injection
2011-05-31 20:55:00
Arbitrary file deletion
2011-05-31 20:55:00
nvd
nvd
CVE-2011-2215
2011-05-31 20:55:05
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.013 Low
EPSS
Percentile
86.2%
Related for NVD:CVE-2011-1329