CVE-2020-36825 | cyberaz0r WebRAT up to 20191222 Server/api.php download_file name unrestricted upload

Posted by Angelo Barbosa | Mar 23, 2024 | CVE

A vulnerability has been found in cyberaz0r WebRAT up to 20191222 and classified as critical. This vulnerability affects the function download_file of the file Server/api.php. The manipulation of the argument name leads to unrestricted upload.

This vulnerability was named CVE-2020-36825. The attack can be initiated remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2020-36825 | cyberaz0r WebRAT up to 20191222 Server/api.php download_file name unrestricted upload

Related Posts

CVE-2024-8349 | Uncanny Groups for LearnDash Plugin up to 6.1.0.1 on WordPress Remote Code Execution

CVE-2024-7754 | SourceCodester Clinics Patient Management System 1.0 check_medicine_name.php user_name sql injection

CVE-2023-5943 | Wp-Adv-Quiz Plugin up to 1.0.2 on WordPress Setting cross site scripting

CVE-2024-5309 | Form Vibes Plugin up to 1.4.12 on WordPress authorization