HomePentest-Tools.com Logo

HTTP File Server Remote Command Execution Vulnerability-01 Jan16 CVE-2014-7226

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

HTTP File Server is prone to a remote command execution (RCE) vulnerability.

Risk description

The flaw is due to the application does not properly validate uft-8 broken byte representation Successful exploitation will allow an attacker to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols.

Recommendation

Update to version 2.3d or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 10, 2014
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available