CVE-2014-125113 PUBLISHED

Dell/Quest KACE K1000 Unauthenticated File Upload RCE

Assigner: VulnCheck
Reserved: 23.07.2025 Published: 05.08.2025 Updated: 06.08.2025

An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 - 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the download_agent.php endpoint. An attacker can upload arbitrary PHP files to a temporary web-accessible directory, which are later executed through inclusion in backend code that loads files under attacker-controlled paths.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 9.3

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	High	Confidentiality	None
Attack Complexity	Low	Integrity	High	Integrity	None
Attack Requirements	None	Availability	High	Availability	None
Privileges Required	None
User Interaction	None

CVSS 4.0

Product Status

Vendor	Dell/Quest
Product	KACE K1000 Systems Management Appliance
Versions	Default: unaffected affected from 5.0 to 5.3 (incl.) affected from 5.4 to 5.4.76849 (excl.) affected from 5.5 to 5.5.90547 (excl.)

Credits

Bradley Austin finder

References

Problem Types

CWE-434 Unrestricted Upload of File with Dangerous Type CWE
CWE-306 Missing Authentication for Critical Function CWE

Impacts

CAPEC-233 Privilege Escalation