CVE-2014-125113 – Dell KACE K1000 System Management Appliance Unrestricted File Upload Vulnerability

CVE ID : CVE-2014-125113

Published : Aug. 5, 2025, 8:15 p.m. | 1 hour, 29 minutes ago

Description : An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 – 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the download_agent.php endpoint. An attacker can upload arbitrary PHP files to a temporary web-accessible directory, which are later executed through inclusion in backend code that loads files under attacker-controlled paths.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…