Arbitrary Code Execution Vulnerability in ColdFusion File Upload Restriction Bypass

Arbitrary Code Execution Vulnerability in ColdFusion File Upload Restriction Bypass

CVE-2019-7816 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

Learn more about our Web Application Penetration Testing UK.