Wednesday, September 29, 2021

Arbitrary File Write - cobbler [,3.2.2)

Overview

cobbler is a network install server.

Affected versions of this package are vulnerable to Arbitrary File Write via the upload_log_data XMLRPC function, due to missing sanitization.

Note: Exploitable only if the anamon_enabled setting is enabled.

Remediation

Upgrade cobbler to version 3.2.2 or higher.

References

 

Copyright © 2021 Vulnerability Database | Cyber Details™

thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore