SysAid on-prem UserEntry accountID Path Traversal Remote Code Execution Vulnerability Exploit

A path traversal vulnerability in SysAid on-prem allows unauthenticated remote attackers to upload arbitrary files to the system. This allows the upload of a malicious WAR file to the web server's root directory leading to the execution of OS system commands.
CVE Link
CVE-2023-47246
Exploit Platform
Windows
Exploit Type
Exploits
OS Command Injection
Known Vulnerabilities
Product Name
Impact