Description
In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE.
Remediation
References
https://docs.craftercms.org/en/3.0/security/advisory.html
http://crafter.com
Related Vulnerabilities
CVE-2019-12418 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2020-2177 Vulnerability in maven package org.jenkins-ci.plugins:copr
CVE-2023-34603 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-parent
CVE-2022-32549 Vulnerability in maven package org.apache.sling:org.apache.sling.api
CVE-2018-16115 Vulnerability in maven package com.typesafe.akka:akka-actor_2.12