| Titel | perfree go-fastdfs-web v1.3.7 Unauthorized takeover of the platform Vulnerability |
|---|
| Beschreibung | A vulnerability classified as a key was found in go-fastdfs-web 1.3.7. This problem will affect the file src/main/java/com/perfree/controller/InstallController.java file/install/doInstall interface. After the installation of the project, it will not Due to the deletion of its installation interface and installation route, the attacker can take over the platform through the second installation and obtain the system authority of the platform without authorization. The vulnerability has been disclosed to the public and may be used. |
|---|
| Quelle | ⚠️ https://gitee.com/ying-xiujie/cve/issues/IGB6M9 |
|---|
| Benutzer | yingxiujie (UID 96521) |
|---|
| Einreichung | 17.03.2026 05:12 (vor 30 Tagen) |
|---|
| Moderieren | 11.04.2026 09:14 (25 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 356964 [perfree go-fastdfs-web bis 1.3.7 doInstall Interface InstallController.java erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|