header-logo
Suggest Exploit
vendor:
GLPI GZIP(Py3)
by:
Brian Peters & n3rada
7.1
CVSS
HIGH
RCE
94
CWE
Product Name: GLPI GZIP(Py3)
Affected Version From: 0.8.5
Affected Version To: 9.4.5
Patch Exists: YES
Related CWE: CVE-2020-11060
CPE: glpi:glpi:9.4.5
Metasploit: https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2020-11060/
Other Scripts: https://www.infosecmatter.com/nessus-plugin-library/?id=144144https://www.infosecmatter.com/nessus-plugin-library/?id=11060
Platforms Tested: Kali 2021, Windows 2019
2021

GLPI GZIP(Py3) 9.4.5 – RCE

The GLPI GZIP(Py3) version 9.4.5 is vulnerable to remote code execution (RCE). The vulnerability allows an attacker to execute arbitrary code on the target system.

Mitigation:

Update to a patched version of GLPI GZIP(Py3) to mitigate this vulnerability. Additionally, ensure that proper input validation and sanitation measures are implemented to prevent code injection attacks.
Source

Exploit-DB raw data:

Navigation

Suggest Exploit

Services By CQR