The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal. Files can be at any location where the 'www' user has write permissions.
References
Link | Resource |
---|---|
https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities | Exploit Technical Description Third Party Advisory |
Configurations
Information
Published : 2018-05-31 11:29
Updated : 2018-06-29 11:52
NVD link : CVE-2018-11141
Mitre link : CVE-2018-11141
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
quest
- kace_system_management_appliance