Invia #811283: Beijing Meite Software Technology Co., Ltd. MetaCRM6 6.4.0 Beta06 CWE-434 (Unrestricted Upload of File with Dangerous Type)informazioni

TitoloBeijing Meite Software Technology Co., Ltd. MetaCRM6 6.4.0 Beta06 CWE-434 (Unrestricted Upload of File with Dangerous Type)
DescrizioneThere is a serious file upload vulnerability in the MTCRM6 system of Beijing Meite Software Technology Co., Ltd. The vulnerability is located in the /common/jsp/upload3.jsp interface. The interface does not restrict the type of uploaded files, and an attacker without authentication can exploit this vulnerability. This allows webshell to be transferred to the server. Successful exploitation of this vulnerability could enable remote code execution, granting the attacker full administrative access to the server.
Fonte⚠️ https://ucn9h68n9289.feishu.cn/wiki/XmoNwpJjJiQrBtkLMitccF56ntb
Utente
 Anonymous User
Sottomissione23/04/2026 09:58 (2 mesi fa)
Moderazione16/05/2026 19:41 (23 days later)
StatoAccettato
Voce VulDB364385 [Metasoft 美特软件 MetaCRM fino a 6.4.0 Beta06 /common/jsp/upload3.jsp File escalationi di privilegi]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!