KL-001-2025-016: Xorux LPAR2RRD File Upload Directory Traversal

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution (RCE) by an attacker.

N/A

路径遍历：’../filedir’

XORUX LPAR2RRD 安全漏洞

XORUX LPAR2RRD是捷克XORUX公司的一个服务器性能监控平台。 XORUX LPAR2RRD存在安全漏洞，该漏洞源于目录遍历和文件上传功能结合，可能导致远程代码执行。

N/A

N/A