CVE-2023-26830

EUVD-2023-30622
An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13.5.9808 allows authenticated attackers to execute arbitrary code by uploading malicious files to the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
gladinetcentrestack
𝑥
< 13.5.9808
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.whiteoaksecurity.com/blog/centrestack-disclosure/
https://www.whiteoaksecurity.com/blog/centrestack-disclosure/