Arbitrary File Upload Vulnerability in Bludit by Bludit
CVE-2020-19228

7.2HIGH

Key Information:

Vendor

Bludit

Status
Bludit
Vendor
CVE Published:
11 May 2022

What is CVE-2020-19228?

An arbitrary file upload vulnerability was discovered in Bludit v3.13.0, stemming from an insecure implementation of the backup plugin. This flaw enables attackers to upload malicious files to the server, potentially compromising system integrity and allowing unauthorized access. It is crucial for users to apply recommended patches or update to secure versions to mitigate the risks associated with this vulnerability.

References

https://github.com/bludit/bludit/issues/1242
x_refsource_MISC
http://bludit.com
x_refsource_MISC

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.