CVE-2013-7465

CRITICAL

Ice Cold Apps Servers Ultimate 6.0.2(12) - RCE

Title source: llm
STIX 2.1

Description

Ice Cold Apps Servers Ultimate 6.0.2(12) does not require authentication for TELNET, SSH, or FTP, which allows remote attackers to execute arbitrary code by uploading PHP scripts.

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
http://www.vapid.dhs.org/advisories/ultimate-server-android-vulns.html
Exploit, Third Party Advisory x_refsource_misc
http://www.vapidlabs.com/advisory.php?v=108

Scores

CVSS v3 9.8
EPSS 0.0335
EPSS Percentile 87.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-287
Status published
Products (1)
icecoldapps/servers_ultimate 6.0.2
Published Oct 05, 2018
Tracked Since Feb 18, 2026