mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
937 B
937 B
CVE-2023-42000
&color=brighgreen)
Description
Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). An unauthenticated remote attacker can exploit it to upload arbitrary files to any location on the file system where the UDP agent is installed.
POC
Reference
- https://www.tenable.com/security/research/tra-2023-37
- https://www.tenable.com/security/research/tra-2023-37
Github
No PoCs found on GitHub currently.