CVE-2020-5844: Malicious File Upload
First published: Mon Mar 16 2020(Updated: )
index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Artica Pandora FMS | =7.0_ng |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-5844 vulnerability about?
CVE-2020-5844 is a vulnerability in Pandora FMS v7.0 NG that allows authenticated administrators to upload and execute malicious PHP scripts.
How does CVE-2020-5844 affect Pandora FMS?
CVE-2020-5844 affects Pandora FMS v7.0 NG allowing authenticated administrators to upload and execute malicious PHP scripts.
What is the severity of CVE-2020-5844?
CVE-2020-5844 has a severity score of 7.2 (high).
How can I fix CVE-2020-5844 vulnerability in Pandora FMS?
To fix the CVE-2020-5844 vulnerability in Pandora FMS, it is recommended to apply the appropriate security patch or update to the latest version provided by Artica Pandora FMS.
Where can I find more information about CVE-2020-5844?
You can find more information about CVE-2020-5844 on the following references: [Packet Storm Security](http://packetstormsecurity.com/files/167503/Pandora-FMS-7.0NG.742-Remote-Code-Execution.html), [GitHub](https://github.com/TheCyberGeek/CVE-2020-5844), and [Pandora FMS](https://pandorafms.com).
- collector/nvd-index
- vendor/artica
- canonical/artica pandora fms
- version/artica pandora fms/7.0_ng