mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 17:22:02 +00:00
830 B
830 B
CVE-2017-15012
Description
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation.
POC
Reference
Github
No PoCs found on GitHub currently.