Unrestricted upload of dangerous file types in the C21 Live Encoder and Live Mosaic product, version 5.3. This vulnerability allows a remote attacker to upload different file extensions without any restrictions, resulting in a full system compromise.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cires21-products | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-01-17T13:44:19.779Z
Updated: 2024-01-17T13:44:19.779Z
Reserved: 2024-01-17T10:35:34.863Z
Link: CVE-2024-0643
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-17T14:15:43.920
Modified: 2024-01-24T19:27:40.553
Link: CVE-2024-0643
JSON object: View
Redhat Information
No data.
CWE