Lucene search
PRIOn knowledge basePRION:CVE-2023-25909HistoryMar 27, 2023 - 4:15 a.m.
Design/Logic Flaw
2023-03-2704:15:00
PRIOn knowledge base
www.prio-n.com
6
file upload vulnerability
remote code execution
arbitrary command execution
service disruption
HGiga OAKlouds file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary command or disrupt service.
| CPE | Name | Operator | Version |
|---|---|---|---|
| oaklouds_portal | ge | 3.0 | |
| oaklouds_portal | lt | 3.0 | |
| oaklouds_portal | ge | 2.0 | |
| oaklouds_portal | lt | 2.0 |
Related
cvelist
cvelist
CVE-2023-25909 HGiga Inc. OAKlouds - Arbitrary File Upload
2023-03-27 00:00:00
nvd
nvd
CVE-2023-25909
2023-03-27 04:15:10
cve
cve
CVE-2023-25909
2023-03-27 04:15:10