Showing 1 - 1 of 1

CVE-2024-25153

Status Candidate

Overview

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.

Related Files

Fortra FileCatalyst Workflow 5.x Remote Code Execution: Posted Mar 19, 2024; Authored by nettitude | Site labs.nettitude.com; This is a proof of concept exploit for CVE-2024-25153, a remote code execution vulnerability in Fortra FileCatalyst Workflow versions 5.x, before 5.1.6 Build 114.; tags | exploit, remote, code execution, proof of concept; advisories | CVE-2024-25153; SHA-256 | 2a8afe7aeb8387754a5e1093b278c99cf0daa3ee2f0907df1d3ea9383e5f2a54; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 287 files
Ubuntu 60 files
Debian 32 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
liquidsky 3 files
kai6u 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

CVE-2024-25153

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems