Unrated severityNVD Advisory· Published Jan 27, 2020· Updated Aug 6, 2024
CVE-2013-7390
CVE-2013-7390
Description
Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ManageEngine/DesktopCentraldescription
- Range: 7.x, 8.0.0 before build 80293
Patches
Vulnerability mechanics
References
2- seclists.org/fulldisclosure/2013/Nov/130mitrex_refsource_MISC
- github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/desktopcentral_file_upload.rbmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.