CVE-2024-25832
Description
F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension.
NVD
Severity: N/A
CVE ID: CVE-2024-25832
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.
Proof Of Concept
0xNslabs
PoC Script for CVE-2024-25832: Exploit chain reverse shell, information disclosure (root password leak) + unrestricted file upload in DataCube3
Refrence: GitHub