CVE-2022-1648

Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended images directory which is restricted to execute the .php file. The impact could lead to a Remote Code Execution with running application privilege.
Configurations

Configuration 1

cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*

Information

Published : 2022-07-26 03:15

Updated : 2022-08-02 06:47


NVD link : CVE-2022-1648

Mitre link : CVE-2022-1648

Products Affected
No products.
CWE