Submit #632537: HuangDou UTCMS V9 RCE vulnerability for remote file download in the backgroundinfo

TitelHuangDou UTCMS V9 RCE vulnerability for remote file download in the background
BeschreibungIn the update.php page, users can remotely downloading the compressed package and automatically decompressing it and RCE.
Quelle⚠️ https://github.com/August829/Yu/blob/main/20250811_1.md
Benutzer
 Yu Bao (UID 88956)
Einreichung12.08.2025 15:50 (vor 11 Monaten)
Moderieren24.08.2025 16:52 (12 days later)
StatusAkzeptiert
VulDB Eintrag321238 [HuangDou UTCMS 9 Config update.php UPDATEURL erweiterte Rechte]
Punkte15

Do you know our Splunk app?

Download it now for free!