An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
Snipe-IT Version v602 Vulnerability Explanation: An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v602 allows attackers to execute arbitrary code via a crafted file Attack Vectors: We found a vulnerability file upload, when we upload malicious file at Update Branding Settings page Payload : githubcom/bypazs/GrimTheRip