| عنوان | Beijing Weili Digital Technology Co., Ltd 微力同步 v2.21.3 Upload Any File |
|---|
| الوصف | During a security assessment of the "微力同步 v2.21.3" version, I found an arbitrary file upload vulnerability in the Web administration module. The core interface of this module does not implement valid authentication logic, which allows attackers to upload arbitrary files on the target device through the Web management module. Corrective action must be taken immediately to ensure system safety. |
|---|
| المصدر | ⚠️ https://github.com/jjjjj-zr/jjjjjzr/issues/10 |
|---|
| المستخدم | jjjjjzr (UID 92774) |
|---|
| ارسال | 21/11/2025 03:22 PM (5 أشهر منذ) |
|---|
| الاعتدال | 06/12/2025 06:34 PM (15 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 334619 [Verysync 微力同步 حتى 2.21.3 Web Administration text.txt?override=false تجاوز الصلاحيات] |
|---|
| النقاط | 19 |
|---|