File Overwrite Vulnerability in Plixer Scrutinizer Web Console
CVE-2012-2627

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Scrutinizer
Vendor: CVE Published:; 31 July 2012

What is CVE-2012-2627?

A vulnerability in the web console of Plixer Scrutinizer before version 9.5.0 allows remote attackers to exploit the functionality of the uploader.php file. By using a crafted multipart/form-data POST request, an attacker can create or overwrite arbitrary files within the installation directory of Scrutinizer. This exploitation could lead to unauthorized access and potential manipulation of critical system files, posing a significant risk to the integrity of the affected system.

References

https://www.trustwave.com/spiderlabs/advisories/TWSL2012-...

x_refsource_MISC

http://www.plixer.com/Press-Releases/plixer-releases-9-5-...

x_refsource_MISC

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 31, 2012

Sonicwall

What is CVE-2012-2627?

References

EPSS Score

Timeline