Vulnerability Description
webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the 'atttmp1' parameter to specify and delete files on the server through an unauthenticated file deletion mechanism.
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- https://sourceforge.net/projects/webtareas/
- https://www.exploit-db.com/exploits/48430
- https://www.vulncheck.com/advisories/webtareas-p-arbitrary-file-deletion
FAQ
What is CVE-2020-37080?
CVE-2020-37080 is a vulnerability with a CVSS score of 9.8 (CRITICAL). webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulner...
How severe is CVE-2020-37080?
CVE-2020-37080 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-37080?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.