CVE-2019-12744 – SeedDMS / SeedDMS – Unrestricted file upload

August 24, 2021

CVE-2019-12744 is an unrestricted file upload vulnerability impacting SeedDMS versions 5.1.10 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground.

Summary:

CVE-2019-12744 is an unrestricted file upload vulnerability impacting SeedDMS versions 5.1.10 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground.

PoC Links(if available):

Exploit DB link –
https://www.exploit-db.com/exploits/50062

Known Counter Measures:

SeedDMS addressed the vulnerability in SeedDMS version 5.1.11.

Links to patches(if available)

https://sourceforge.net/p/seeddms/code/ci/master/tree/CHANGELOG

Tags:

You may have missed

CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

April 20, 2024
CISA Logo

CISA: Joint Guidance on Deploying AI Systems Securely

April 20, 2024
CISA Logo

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

April 20, 2024
CISA Logo

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

April 20, 2024
CISA Logo

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

April 20, 2024