VYPR
Unrated severityNVD Advisory· Published May 4, 2021· Updated Aug 3, 2024

CVE-2021-26804

CVE-2021-26804

Description

Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application.

Affected products

2
  • Centreon/Webdescription
  • Range: 19.10.18, 20.04.8, 20.10.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.