CyberSec.Space Logo
Back to CVE Browser

CVE-2020-13774

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.0170%
EPSS Percentile43.25th
PublishedNov 12, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server.

Affected Platforms (CPE)

📦
Ivanti

Endpoint Manager

= 2019.1
📦
Ivanti

Endpoint Manager

= 2020.1

References & Advisories

🔗 https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/
🔗 https://labs.jumpsec.com/advisory-cve-2020-13774-ivanti-uem-rce/

Related Vulnerabilities

CVE-2009-142910.0

The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); S...

CVE-2011-186710.0

Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission...

CVE-2021-138810.0

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could a...

CVE-2019-123779.8

A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Serv...