In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the attacker to execute arbitrary code on the Avamar Server system.
CPE | Name | Operator | Version |
---|---|---|---|
avamar_server | eq | 7.3.0-233 | |
avamar_server | eq | 7.3.1-125 | |
avamar_server | eq | 7.3.0-226 | |
avamar_server | eq | 7.4.0-242 | |
avamar_server | eq | 7.4.1-58 |