6 matches found
CVE-2022-27249
An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to execute arbitrary code by using UploadDwg to upload a crafted aspx file to the web root, and then visiting the URL for this aspx resource...
CVE-2022-27249
creationtimestamp| type| source ---|---|--- 2022-04-04 02:27:10+00:00| seen| https://t.me/cibsecurity/40081...
CVE-2022-27249
An unrestricted file upload vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to execute arbitrary code by using UploadDwg to upload a crafted aspx file to the web root, and then visiting the URL for this aspx resource...
CVE-2022-27249
CVE-2022-27249 describes an unrestricted file upload in IdeaRE RefTree prior to 2021.09.17. The vulnerability allows remote authenticated users to upload a crafted aspx file to the web root via the UploadDwg feature and then access the resource to execute arbitrary code. Impact is high (remote co...
IdeaRE RefTree Shell Upload
=============================================================================== title: IdeaRE RefTree Remote Code Execution product: IdeaRE RefTree 2021.09.17 vulnerability type: Unrestricted File Upload CVE ID: CVE-2022-27249 severity: High CVSSv3 score: 8.8 CVSSv3 vector:...
IdeaRE RefTree Shell Upload Vulnerability
=============================================================================== title: IdeaRE RefTree Remote Code Execution product: IdeaRE RefTree 2021.09.17 vulnerability type: Unrestricted File Upload CVE ID: CVE-2022-27249 severity: High CVSSv3 score: 8.8 CVSSv3 vector:...