cockpit-hq/cockpit is vulnerable to Remote Code Execution (RCE). The vulnerability is due to a lack of file extension validation for user supplied files which allows an attacker to upload and execute malicious PHP code.
CPE | Name | Operator | Version |
---|---|---|---|
cockpit-hq/cockpit | le | 2.4.0 | |
cockpit-hq/cockpit | le | 2.4.0 |