La Sostenibilità per TIM

Il Report 2024 accoglie i principi della Corporate Sustainability Reporting Directive (CSRD) ed è incluso nella Relazione Finanziaria e di Sostenibilità. Approfondisci

Facebook Twitter Linkedin Copia Link

tag

CVE-2021-26597

CVE-2021-26597 – NOKIA NetAct

Vulnerability Description: Unrestricted Upload of File with Dangerous Type - CWE-434
Software Version: NOKIA NetAct 18A
NIST: https://nvd.nist.gov/vuln/detail/CVE-2021-26597
CVSv3: 6.5
Severity: Medium
Credits: Raffaella Robles, Andrea Carlo Maria Dattola, Massimiliano Brolli

An issue was discovered in Nokia NetAct 18A. A remote user, authenticated to the NOKIA NetAct Web Page, can visit the Site Configuration Tool web site section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value.