CVE-2021-36697

With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP request.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
articapandora_fms
𝑥
≤ 755
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://artica.com
http://pandora.com
https://k4m1ll0.com/chained_exploit_htaccess.html
http://artica.com
http://pandora.com
https://k4m1ll0.com/chained_exploit_htaccess.html