What the vulnerability does
01Description
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery fw-gallery allows Using Malicious Files.This issue affects FW Gallery: from n/a through <= 8.0.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
What the vulnerability does
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery fw-gallery allows Using Malicious Files.This issue affects FW Gallery: from n/a through <= 8.0.0.
Explanation of Vulnerability in Simple Terms
FW Gallery versions 8.0.0 and earlier contain an unrestricted file upload vulnerability. An attacker can upload arbitrary files to the server without authentication, potentially executing malicious code or compromising the entire site. The vulnerability requires no user interaction and can be exploited remotely over the network.
What an attacker can do
Upload arbitrary files and execute code on the server without authentication.
Potential impact on your site
Complete site compromise: attackers can run code, steal data, modify content, or take the site offline.
Conditions required to exploit
Network access to the vulnerable FW Gallery installation; no authentication required.
Key dates
External resources