Enviar #516292: www.digiwin.com digiwin ERP system v5.1.3 Unauthenticated File Upload Leading to Remote Code Executioninformación

Títulowww.digiwin.com digiwin ERP system v5.1.3 Unauthenticated File Upload Leading to Remote Code Execution
DescripciónA critical vulnerability has been identified in the Digiwin ERP system, specifically in the file upload functionality of the DoWebUpload method. This vulnerability allows unauthenticated users to upload arbitrary files, potentially leading to remote code execution and complete server compromise.
Fuente⚠️ https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_4.md
Usuario
 XU NIE (UID 82414)
Sumisión2025-03-07 16:33 (hace 1 Año)
Moderación2025-03-24 12:19 (17 days later)
EstadoDuplicado
Entrada de VulDB300726 [Digiwin ERP 5.1 /Api/FileUploadApi.ashx DoUpload/DoWebUpload Archivo escalada de privilegios]
Puntos0

AnteriorVisión De ConjuntoPróximo

Do you know our Splunk app?

Download it now for free!