2 matches found
CVE-2018-16169
Cybozu Remote Service vulnerable from version 3.0.0 to 3.1.0 to upload and execute arbitrary Java code on the server via the logo setting screen (CVE-2018-16169). The issue enables remote authenticated attackers to run Java code, with impact described as remote code execution on the server. The C...
JVN#23161885: Multiple vulnerabilities in Cybozu Remote Service
Cybozu Remote Service provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Upload of arbitrary files in logo setting screen CWE-434 - CVE-2018-16169 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2|...