3 matches found
CVE-2022-24688
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow unrestricted file upload and consequently Remote Code Execution via PDF upload with PHP content and a .php extension. The attacker must hijack or obtain privileged user access to the Parameters page in order...
CVE-2022-24688
creationtimestamp| type| source ---|---|--- 2022-07-18 16:36:27+00:00| seen| https://t.me/cibsecurity/46443...
CVE-2022-24688
CVE-2022-24688 affects DSK DSKNet 2.16.136.0 and 2.17.136.5. The issue allows unrestricted file upload via PDF content that uses a PHP extension, enabling Remote Code Execution. An attacker must obtain privileged access to the Parameters page (via Broken Access Control with brute-force or SQL Inj...