ГлавнаяУязвимости → CVE-2024-6707
8.8высокая

CVE-2024-6707

Описание

Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.

Затрагиваемое ПО
Openwebui Open webuiDebian Debian linux
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://korelogic.com/Resources/Advisories/KL-001-2024-006.txthttp://seclists.org/fulldisclosure/2024/Aug/4http://www.openwall.com/lists/oss-security/2024/08/08/7