Home / os / winnt

ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution

Posted on 19 October 2020

ReQuest Serious Play F3 Media Server version 7.0.3 suffers from an unauthenticated remote code execution vulnerability. Abusing the hidden ReQuest Internal Utilities page (/tools) from the services provided, an attacker can exploit the Quick File Uploader (/tools/upload.html) page and upload PHP executable files that results in remote code execution as the web server user.

 

TOP

Malware :

Exploits :