| عنوان | Tiandy Technologies Co., Ltd. Tiandy-Easy7 7.17.0 OS Command Injection |
|---|
| الوصف | There is a critical remote command execution (RCE) vulnerability in the updateDbBackupInfo interface. An unauthenticated remote attacker can execute arbitrary commands via the week parameter. Successful exploitation of this vulnerability would enable the attacker to execute arbitrary commands with administrator privileges (such as root privileges), thereby posing a threat to the entire system. |
|---|
| المصدر | ⚠️ https://ucn9h68n9289.feishu.cn/wiki/Yslcw7QqWiRjUZkCcvkcJI62n2c |
|---|
| المستخدم | bigbrother_man (UID 96003) |
|---|
| ارسال | 14/04/2026 04:26 AM (2 أشهر منذ) |
|---|
| الاعتدال | 02/05/2026 10:07 PM (19 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 360867 [Tiandy Easy7 Integrated Management Platform 7.17.0 updateDbBackupInfo أسبوع تجاوز الصلاحيات] |
|---|
| النقاط | 19 |
|---|