Vulnerability in Maxdev Md-pro

CVE-2005-2885

The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which could allow remote attackers to bypass file extension checks and execute arbitrary comman…

EPSS: 0.089 (94.6th percentile) — read the EPSS interpretation.

Affected products

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2005-2885?
CVE-2005-2885 is a vulnerability in Maxdev Md-pro. Published 2005-09-14.
Is CVE-2005-2885 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.