How severe is CVE-2024-25153?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-25153?

This is classified as CWE-472, which is a common weakness in software security.

CVE-2024-25153

CRITICAL Year: 2024

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-472

View all →

Vulnerability Description

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.

CVE-2021-1289

CRITICAL

CVSS:9.8(Critical)

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute a...

CWE-4722021