Critical severity9.8NVD Advisory· Published Jun 16, 2018· Updated Jun 17, 2026
CVE-2018-11221
CVE-2018-11221
Description
Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system.
Affected products
2- Range: <=7.23
- Range: <=7.23
Patches
Vulnerability mechanics
References
2- blog.hackercat.ninja/post/pandoras_box/nvdThird Party Advisory
- pandorafms.com/wp-content/uploads/2018/06/whats-new-723-EN.pdfnvdVendor Advisory
News mentions
0No linked articles in our index yet.