Back to search
CVE-2022-36264
Published: Aug 8, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename and append a relative path that will be interpreted during the upload process. Using this method, it is possible to rewrite any file in the system or upload a new file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833
x_refsource_MISC
https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now