Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistHackeroneCVELIST:CVE-2023-28128
HistoryMay 09, 2023 - 12:00 a.m.

CVE-2023-28128

2023-05-0900:00:00
CWE-434
hackerone
www.cve.org
unrestricted upload
file type
vulnerability
avalanche
remote code execution

0.13 Low

EPSS

Percentile

95.5%

JSON

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Avalanche",
    "versions": [
      {
        "version": "Avalanche version 6.3.x and below",
        "status": "affected"
      }
    ]
  }
]

Related

zdi 1
nvd 1
zdt 1
cve 1
prion 1
metasploit 1
packetstorm 1
rapid7blog 1
zdi
zdi
Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability
2023-04-24 00:00:00
nvd
nvd
CVE-2023-28128
2023-05-09 22:15:09
zdt
zdt
Ivanti Avalanche FileStoreConfig Shell Upload Exploit
2023-05-19 00:00:00
cve
cve
CVE-2023-28128
2023-05-09 22:15:09
prion
prion
Unrestricted file upload
2023-05-09 22:15:00
metasploit
metasploit
Ivanti Avalanche FileStoreConfig File Upload
2023-05-04 23:03:02
packetstorm
packetstorm
Ivanti Avalanche FileStoreConfig Shell Upload
2023-05-16 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-05-19 18:44:30

0.13 Low

EPSS

Percentile

95.5%

JSON
Related for CVELIST:CVE-2023-28128
zdi1nvd1zdt1cve1prion1metasploit1packetstorm1rapid7blog1