CVE-2023-26830

An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13.5.9808 allows authenticated attackers to execute arbitrary code by uploading malicious files to the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
gladinetcentrestack
𝑥
< 13.5.9808
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.whiteoaksecurity.com/blog/centrestack-disclosure/
https://www.whiteoaksecurity.com/blog/centrestack-disclosure/