Impact
MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recomended to upgrade.
The vulnerabilities are related with insufficient input validation while uploading media content. The condition to exploit the vulnerability is that the portal allows users to upload content.
These findings have been reported by Vladimir Razov of Positive Technologies.
Patches
Patch is release in version v4.1.0, upgrade using the instructions on how to upgrade versions.
Impact
MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recomended to upgrade.
The vulnerabilities are related with insufficient input validation while uploading media content. The condition to exploit the vulnerability is that the portal allows users to upload content.
These findings have been reported by Vladimir Razov of Positive Technologies.
Patches
Patch is release in version v4.1.0, upgrade using the instructions on how to upgrade versions.