CVE-2022-31366 Information

Description

An arbitrary file upload vulnerability in the apiImportLabs function in api_labs.php of EVE-NG 2.0.3-112 Community allows attackers to execute arbitrary code via a crafted UNL file.

Reference

https://erpaciocco.github.io/2022/eve-ng-rce/ http://eve-ng.com