Tenable Nessus 6.8.x < 6.10.2 Arbitrary File Upload (TNS-2017-06)
Medium Nessus Plugin ID 99440
SynopsisAn application running on the remote Windows host is affected by an arbitrary file upload vulnerability.
DescriptionAccording to its self-reported version, the Tenable Nessus application running on the remote host is 6.8.x, 6.9.x, or 6.10.x prior to 6.10.2.
It is, therefore, affected by an arbitrary file upload vulnerability due to an unspecified flaw. An authenticated, remote attacker can exploit this to upload a specially crafted file to an arbitrary system location.
SolutionUpgrade to Tenable Nessus version 6.10.2 or later.