Emlog Remote Code Execution Vulnerability via Insecure Plugin Upload

Vulnerability

A remote code execution vulnerability has been identified in Emlog versions prior to 2.6.11. The issue arises from an insecure plugin upload feature that allows attackers to upload ZIP files containing malicious PHP code. This uploaded code is executed with full server privileges, leading to complete server compromise and the installation of a persistent backdoor. The vulnerability has been patched in version 2.6.11.

Impact

Exploitation of this vulnerability allows for remote code execution on the server, with the executed code running with full server privileges. This leads to complete control over the server, potential data theft, and the installation of backdoors for future access.

Reproduction

To reproduce this vulnerability, upload a ZIP file containing a PHP backdoor through the admin plugin upload interface. The uploaded PHP code will be executed on the server, with the same privileges as the web server user.

Remediation

Users are advised to update to Emlog version 2.6.11 or later.
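
Because any PHP file delivered in a plugin archive runs as the web server user once installed, a plugin ZIP deserves the same review as code before it is uploaded. The script below is an added example of such a review step. It is not Emlog code and not the 2.6.11 fix. The extension list, the file names and the sample archive are constructed assumptions.

```python
import hashlib
import io
import posixpath
import zipfile

# Extensions commonly mapped to the PHP handler (assumption: match your server config).
EXECUTABLE_EXTS = (".php", ".phtml", ".phar")


def review_plugin_zip(data: bytes) -> list:
    """Return one record per archive member: name, SHA-256, reasons to review it."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.replace("\\", "/")
            lower = name.lower()
            reasons = []
            # Member would land outside the plugin directory when extracted.
            norm = posixpath.normpath(name)
            if name.startswith("/") or norm == ".." or norm.startswith("../"):
                reasons.append("path-escape")
            # Server-executable code: runs with the web server user's privileges.
            if lower.endswith(EXECUTABLE_EXTS):
                reasons.append("server-executable")
            # Per-directory config can make other file types executable.
            if posixpath.basename(lower) in (".htaccess", ".user.ini"):
                reasons.append("handler-override")
            digest = hashlib.sha256(zf.read(info)).hexdigest()
            findings.append({"name": name, "sha256": digest, "reasons": reasons})
    return findings


def build_sample() -> bytes:
    """Constructed sample archive with harmless placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("demo_plugin/demo_plugin.php", "<?php // plugin entry point\n")
        zf.writestr("demo_plugin/readme.txt", "constructed sample\n")
        zf.writestr("demo_plugin/.htaccess", "# constructed sample\n")
        zf.writestr("../outside.php", "<?php // placeholder\n")
    return buf.getvalue()


if __name__ == "__main__":
    for f in review_plugin_zip(build_sample()):
        print(f["sha256"][:12], f["name"], ",".join(f["reasons"]) or "-")
```

Every member flagged "server-executable" needs to be read and its hash compared with the plugin author's published release before the archive goes anywhere near the admin upload interface.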

Added: May 8, 2026, 10:27 PM
Updated: May 8, 2026, 10:27 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 7.5
exploitability: 6.3
remediation: 7.7
relevance: 7.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.