Critical severityNVD Advisory· Published May 13, 2024· Updated Aug 1, 2024
Unrestricted Upload of File with Dangerous Type vulnerability on Cockpit CMS from Agentejo
CVE-2024-4825
Description
A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
cockpit-hq/cockpitPackagist | < 2.7.0 | 2.7.0 |
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.