Remote Code Execution Vulnerability in Pyload Download Manager
CVE-2024-32880

Currently unrated

Key Information:

Vendor: pyload
Vendor: CVE Published:; 26 April 2024

Summary

pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication.

References

https://github.com/pyload/pyload/security/advisories/GHSA...

Timeline

Vulnerability published
Apr 26, 2024