Rewterz Threat Advisory – Multiple Adobe Magento Commerce and Open Source Vulnerabilities
August 11, 2021Rewterz Threat Advisory – ICS: Multiple Siemens Solid Edge Vulnerabilities
August 11, 2021Rewterz Threat Advisory – Multiple Adobe Magento Commerce and Open Source Vulnerabilities
August 11, 2021Rewterz Threat Advisory – ICS: Multiple Siemens Solid Edge Vulnerabilities
August 11, 2021Severity
High
Analysis Summary
CVE-2021-33698
SAP Business One could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system
Impact
- Code Execution
- Unauthorized Access
Affected Vendors
SAP
Affected Products
- SAP Business One 10.0
Remediation
Current SAP customers should refer to SAP notes for patch information, available from the SAP Web site.