CVE-2019-20050
EUVD-2019-1060630.01.2020, 16:15
Pandora FMS ≤ 7.42 suffers from a remote code execution vulnerability. To exploit the vulnerability, an authenticated user should create a new folder with a "tricky" name in the filemanager. The exploit works when the php-fileinfo extension is disabled on the host system. The attacker must include shell metacharacters in the content type.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| artica | pandora_fms | 7.42 |
𝑥
= Vulnerable software versions