Description
EVERTZ devices 3080IPX exe-guest-v1.2-r26125, 7801FC 1.3 Build 27, and 7890IXG V494 are vulnerable to Arbitrary File Upload, allowing an authenticated attacker to upload a webshell or overwrite any critical system files.
References (2)
Core 2
Core References
Permissions Required
https://sku11army.blogspot.com/2020/02/evertz-path-transversal-arbitrary-file.html
Scores
CVSS v3
8.8
EPSS
0.0017
EPSS Percentile
37.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-434
Status
published
Products (3)
evertz/3080ipx_firmware
exe-guest-v1.2-r26125
evertz/7801fc_firmware
1.3 build_27
evertz/7890ixg_firmware
v494
Published
Jul 18, 2023
Tracked Since
Feb 18, 2026