Threat Encyclopedia



This indicates an attack attempt to exploit an Arbitrary File Upload Vulnerability in ReadyDesk.
The vulnerability is due to an design flaw in the vulnerable application when handling a file upload request without authentication. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via upload an arbitrary file without any authentication.

affected-products-logoAffected Products

ReadyDesk version 9.1


System Compromise: Remote attackers can execute arbitrary command execution under the security context of the root user.

recomended-action-logoRecommended Actions

From the vendor, apply the upgrade to version 9.2 or above.

CVE References