| 제목 | www.digiwin.com digiwin ERP system v5.1.3 Unauthenticated File Upload Leading to Remote Code Execution |
|---|
| 설명 | A critical vulnerability has been identified in the Digiwin ERP system, specifically in the file upload functionality of the DoWebUpload method. This vulnerability allows unauthenticated users to upload arbitrary files, potentially leading to remote code execution and complete server compromise. |
|---|
| 원천 | ⚠️ https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_4.md |
|---|
| 사용자 | XU NIE (UID 82414) |
|---|
| 제출 | 2025. 03. 07. PM 04:33 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 03. 24. PM 12:19 (17 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 300726 [Digiwin ERP 5.1 /Api/FileUploadApi.ashx DoUpload/DoWebUpload 파일 권한 상승] |
|---|
| 포인트들 | 0 |
|---|