Skip to main content

Communication Channel Errors


Severity High
Score 9.8/10


October CMS up to build 412 is vulnerable to file path modification in asset move functionality resulting in creating malicious files on the server.

  • LOW
  • HIGH
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-417 - Communication Channel Errors

Weaknesses in this category are related to improper handling of communication channels and access paths. These weaknesses include problems in creating, managing, or removing alternate channels and alternate paths. Some of these can overlap virtual file problems and are commonly used in "bypass" attacks, such as those that exploit authentication errors.

Advisory Timeline

  • Published