Unrated severityNVD Advisory· Published Nov 27, 2023· Updated Aug 2, 2024
Arcserve UDP Agent Unauthenticated Path Traversal File Upload
CVE-2023-42000
Description
Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). An unauthenticated remote attacker can exploit it to upload arbitrary files to any location on the file system where the UDP agent is installed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.