| タイトル | perfree go-fastdfs-web v1.3.7 Unauthorized takeover of the platform Vulnerability |
|---|
| 説明 | A vulnerability classified as a key was found in go-fastdfs-web 1.3.7. This problem will affect the file src/main/java/com/perfree/controller/InstallController.java file/install/doInstall interface. After the installation of the project, it will not Due to the deletion of its installation interface and installation route, the attacker can take over the platform through the second installation and obtain the system authority of the platform without authorization. The vulnerability has been disclosed to the public and may be used. |
|---|
| ソース | ⚠️ https://gitee.com/ying-xiujie/cve/issues/IGB6M9 |
|---|
| ユーザー | yingxiujie (UID 96521) |
|---|
| 送信 | 2026年03月17日 05:12 (1 月 ago) |
|---|
| モデレーション | 2026年04月11日 09:14 (25 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 356964 [perfree go-fastdfs-web 迄 1.3.7 doInstall Interface InstallController.java 特権昇格] |
|---|
| ポイント | 20 |
|---|