| عنوان | perfree go-fastdfs-web v1.3.7 Unauthorized takeover of the platform Vulnerability |
|---|
| الوصف | A vulnerability classified as a key was found in go-fastdfs-web 1.3.7. This problem will affect the file src/main/java/com/perfree/controller/InstallController.java file/install/doInstall interface. After the installation of the project, it will not Due to the deletion of its installation interface and installation route, the attacker can take over the platform through the second installation and obtain the system authority of the platform without authorization. The vulnerability has been disclosed to the public and may be used. |
|---|
| المصدر | ⚠️ https://gitee.com/ying-xiujie/cve/issues/IGB6M9 |
|---|
| المستخدم | yingxiujie (UID 96521) |
|---|
| ارسال | 17/03/2026 05:12 AM (1 شهر منذ) |
|---|
| الاعتدال | 11/04/2026 09:14 AM (25 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 356964 [perfree go-fastdfs-web حتى 1.3.7 doInstall Interface InstallController.java تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|