Vulnerability in Maxdev Md-pro
CVE-2005-2885
The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which could allow remote attackers to bypass file extension checks and execute arbitrary comman…
EPSS: 0.089 (94.6th percentile) — read the EPSS interpretation.
Affected products
- Maxdev Md-pro — versions 1.0.73
- N/a — versions n/a
Public proof-of-concept exploits
References
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
- cve@mitre.org (Exploit, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
Frequently asked questions
- What is CVE-2005-2885?
- CVE-2005-2885 is a vulnerability in Maxdev Md-pro. Published 2005-09-14.
- Is CVE-2005-2885 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.