4 matches found
CVE-2021-40905
The web management console of CheckMK Enterprise Edition versions 1.5.0 to 2.0.0p9 does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with...
CVE-2021-40905
The web management console of CheckMK Enterprise Edition versions 1.5.0 to 2.0.0p9 does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with...
CVE-2021-40905
The CVE-2021-40905 issue affects Checkmk Enterprise Edition where the web management console does not properly sanitize uploads of ".mkp" Extension Packages, enabling remote code execution. OpenVAS details list Checkmk versions 1.5.x through 2.0.0p17 as vulnerable; the NVD entry covers 1.5.0–2.0....
Exploit for Unrestricted Upload of File with Dangerous Type in Checkmk
CVE-2021-40905 - RCE via a crafted .mkp file Application:...