Adas
CVE-2019-14916
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
An issue was discovered in PRiSE adAS 1.7.0. A file's format is not properly checked, leading to an unrestricted file upload.
AnalysisAI
An issue was discovered in PRiSE adAS 1.7.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Unrestricted File Upload (CWE-434), which allows attackers to upload malicious files that can be executed on the server. An issue was discovered in PRiSE adAS 1.7.0. A file's format is not properly checked, leading to an unrestricted file upload. Affected products include: Prise Adas.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate file types server-side, store uploads outside webroot, use random filenames, scan for malware.
An issue was discovered in PRiSE adAS 1.7.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable,
An issue was discovered in PRiSE adAS 1.7.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitabl
An issue was discovered in PRiSE adAS 1.7.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploita
An issue was discovered in PRiSE adAS 1.7.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitabl
An issue was discovered in PRiSE adAS 1.7.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploita
An issue was discovered in PRiSE adAS 1.7.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable,
An issue was discovered in PRiSE adAS 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable,
An issue was discovered in PRiSE adAS 1.7.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitabl
An issue was discovered in PRiSE adAS 1.7.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitabl
An issue was discovered in PRiSE adAS 1.7.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitabl
Same technique File Upload
View allShare
External POC / Exploit Code
Leaving vuln.today