CVE-2018-5997

CVE: CVE-2018-5997
Published: 2018-01-25T17:29Z
Vendor: ravpower
Products: filehub_firmware
Versions: 2.000.056,
Description Language: en
Description: An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root.
References:
https://www.exploit-db.com/exploits/43871/