CVE-2018-9206 — Vulnetix

Try Vulnetix Request Demo

CVE-2018-9206 PUBLISHED

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0

EPSS 93.68% · 99.8th percentile

Risk Scores

EPSS Score

93.68%

99.8th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:18.04:LTS	libjs-jquery-file-upload	0, 9.19.1-1

Timeline

Oct 11, 2018 CVE Published
Oct 23, 2018 PoC Published
Oct 25, 2018 PoC Published
Nov 5, 2018 PoC Published
Apr 14, 2021 EPSS Score
May 17, 2021 CrowdSec Sighting
Jun 22, 2021 EPSS Score
Oct 21, 2021 CrowdSec Sighting
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 8, 2022 CrowdSec Sighting
Feb 25, 2022 EPSS Score

References

https://ubuntu.com/security/CVE-2018-9206 third-party-advisory
https://github.com/blueimp/jQuery-File-Upload/pull/3514 third-party-advisory
http://www.vapidlabs.com/advisory.php?v=204 third-party-advisory
https://github.com/lcashdol/Exploits/tree/master/CVE-2018-9206 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2018-9206 third-party-advisory

Open in Interactive Console →