Vulnerability detail

Enriched intelligence for a single CVE

7.8

CVSS
High

CVE-2023-26775

PUBLISHED

File Upload vulnerability found in Monitorr v.1.7.6 allows a remote attacker t oexecute arbitrary code via a crafted file upload to the...

Exploited in the wild Low complexity

Vendor: n/a
Product: n/a
Published: Apr 04, 2023
EPSS: —

Description

File Upload vulnerability found in Monitorr v.1.7.6 allows a remote attacker t oexecute arbitrary code via a crafted file upload to the assets/php/upload.php endpoint.

CVSS scores

CVSS v3.1 7.8 High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2025-06-25 00:00:00 UTC · Source

References

https://twitter.com/retrymp3
https://github.com/Monitorr/
https://github.com/Monitorr/Monitorr
https://github.com/Monitorr/Monitorr/blob/3ebfd915bfb02aae2ded08c5e4ba6b1bea3009f2/assets/php/upload.php
http://packetstormsecurity.com/files/171705/Monitorr-1.7.6-Cross-Site-Scripting.html

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
The Shadowserver (via CIRCL)	Jun 25, 2025

Timeline

CVE ID Reserved

February 27, 2023
CVE Published to Public

April 04, 2023
Added to KEVIntel

June 25, 2025