SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-7033-878ab-1.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2023-04-27T00:00:00
Updated: 2023-04-27T00:00:00
Reserved: 2023-01-31T00:00:00
Link: CVE-2023-24836
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-04-27T02:15:09.243
Modified: 2023-05-08T17:41:05.390
Link: CVE-2023-24836
JSON object: View
Redhat Information
No data.
CWE