CVE-2023-26830
published 2023-03-31CVE-2023-26830: An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13.5.9808 allows authenticated…
PriorityP344high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
1.06%
60.4th percentile
An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13.5.9808 allows authenticated attackers to execute arbitrary code by uploading malicious files to the server.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gladinet | centrestack | < 13.5.9808 | 13.5.9808 |
| linux | linux_kernel | >= 0 < 5.15.0-119.129 | 5.15.0-119.129 |
CVSS provenance
nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
osv8.4HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
linux-raspi-5.4 vulnerabilities
osv·2024-09-02·CVSS 5.5
CVE-2024-24860 linux-raspi-5.4 vulnerabilities
linux-raspi-5.4 vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SuperH RISC architecture;
- MMC subsystem;
- Network drivers;
- SCSI drivers;
- GFS2 file system;
- IPv4 networking;
- IPv6 networking;
- HD-audio driver;
(CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929,
CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)
OSV
linux-aws-5.4 vulnerabilities
osv·2024-08-26·CVSS 5.5
CVE-2024-24860 linux-aws-5.4 vulnerabilities
linux-aws-5.4 vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SuperH RISC architecture;
- MMC subsystem;
- Network drivers;
- SCSI drivers;
- GFS2 file system;
- IPv4 networking;
- IPv6 networking;
- HD-audio driver;
(CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929,
CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)
OSV
linux-azure-5.4 vulnerabilities
osv·2024-08-23·CVSS 5.5
CVE-2024-24860 linux-azure-5.4 vulnerabilities
linux-azure-5.4 vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SuperH RISC architecture;
- MMC subsystem;
- Network drivers;
- SCSI drivers;
- GFS2 file system;
- IPv4 networking;
- IPv6 networking;
- HD-audio driver;
(CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929,
CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)
OSV
linux-oracle-5.15 vulnerabilities
osv·2024-08-23·CVSS 8.4
CVE-2024-26921 linux-oracle-5.15 vulnerabilities
linux-oracle-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SuperH RISC architecture;
- User-Mode Linux (UML);
- MMC subsystem;
- Network drivers;
- GFS2 file system;
- IPv4 networking;
- IPv6 networking;
(CVE-2024-26921, CVE-2023-52629, CVE-2024-26680, CVE-2024-26830,
CVE-2024-39484, CVE-2024-39292, CVE-2024-36901, CVE-2023-52760)
OSV
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm,
osv·2024-08-21·CVSS 8.4
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm,
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SuperH RISC architecture;
- User-Mode Linux (UML);
- MMC subsystem;
- Network drivers;
- GFS2 file system;
- IPv4 networking;
- IPv6 networking;
(CVE-2024-26921, CVE-2023-52629, CVE-2024-26680, CVE-2024-26830,
CVE-2024-39484, CVE-2024-39292, CVE-20
GHSA
GHSA-5j89-9926-36q5: An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13
ghsa_unreviewed·2023-03-31
CVE-2023-26830 [HIGH] CWE-434 GHSA-5j89-9926-36q5: An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13
An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13.5.9808 allows authenticated attackers to execute arbitrary code by uploading malicious files to the server.
No detection rules found.
No public exploits indexed.
2023-03-31
Published