module
Open Web Analytics 1.7.3 - Remote Code Execution (RCE)
| Disclosed |
|---|
| Mar 18, 2022 |
Disclosed
Mar 18, 2022
Description
Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive
user information, which can be used to gain admin privileges by leveraging cache hashes.
This occurs because files generated with ' by the PHP interpreter.
user information, which can be used to gain admin privileges by leveraging cache hashes.
This occurs because files generated with ' by the PHP interpreter.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.