CVE-2020-28871

Critical

Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an…

mitre·CWE-434·Published 2021-02-10

CVSS

9.8

EPSS

0.86

KEV

Exploits

cve.orgen

159 chars

Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload.

NVDen

159 chars

Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload.

Una ejecución de código remota en Monitorr versión v1.7.6m, en el archivo upload.php permite a una persona no autorizada ejecutar código arbitrario en el lado del servidor por medio de una carga de archivo no segura

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H