Home > Vulnerability Database > CVE-2023-50729

Mend.io Vulnerability Database

CVE-2023-50729

Good to know:

Date: January 15, 2024

Traccar is an open source GPS tracking system. Prior to 5.11, Traccar is affected by an unrestricted file upload vulnerability in File feature allows attackers to execute arbitrary code on the server. This vulnerability is more prevalent because Traccar is recommended to run web servers as root user. It is also more dangerous because it can write or overwrite files in arbitrary locations. Version 5.11 was published to fix this vulnerability.

Language: Java

Severity Score

9.8

Related Resources (3)

Url: https://github.com/traccar/traccar/security/advisories/GHSA-pqf7-8g85-vx2q

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-50729

Url: https://www.mend.io/vulnerability-database/CVE-2023-50729

Severity Score

9.8

Weakness Type (CWE)

Unrestricted Upload of File with Dangerous Type

CWE-434

Top Fix

Upgrade Version

Upgrade to version v5.11

Learn More

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-50729

Good to know:

Date: January 15, 2024

Language: Java

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?