Back to directory

WRITEUP #1726

PandoraFMS - Pre-Auth Remote Code Execution

RCEPath traversalArbitrary file uploadLFISecurity code review

by@esj4y(esj4y)

Program

PandoraFMS

Published

Jan 6, 2023

Added to HackDex

Jan 11, 2023

Read Full Writeuphttps://3sjay.github.io/2023/01/06/pandoraFMS-Pre-Auth-RCE.html

▸ RELATED WRITEUPS

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

Exploiting authorization by nonce in WordPress plugins

RCEArbitrary file upload

Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)

RCEPath traversal

WhatsUp Gold Pre-Auth RCE WriteDataFile Primitive (CVE-2024-4883)

RCEPath traversal

WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive (CVE-2024-4885)

RCEPath traversal

Built with ❤️ by Shubham Rawat