|Category:||Web application abuses|
|Title:||OCS Inventory NG <= 2.5.0 Remote Shell Upload Vulnerability|
|Summary:||OCS Inventory NG <= 2.5.0 is prone to a remote shell upload vulnerability.|
OCS Inventory NG <= 2.5.0 is prone to a remote shell upload vulnerability.
OCS Inventory NG could allow a remote authenticated attacker to upload arbitrary files. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.
Remotely authenticated attackers might use this vulnerability to execute arbitrary code on the target.
OCS Inventory NG version <= 2.5.0
No known solution is available as of 23rd November, 2018.
Information regarding this issue will be updated once solution details are available.
Common Vulnerability Exposure (CVE) ID: CVE-2018-15537|
|Copyright||This script is Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.