| 제목 | www.digiwin.com digiwin ERP system v5.0.1 Improper Sanitization of Filename to result |
|---|
| 설명 | A file upload vulnerability has been discovered in the Digiwin ERP system that does not require authentication. This flaw permits attackers to upload arbitrary files, including potentially harmful ASPX files, which can result in remote code execution and total server compromise. |
|---|
| 원천 | ⚠️ https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_5.md |
|---|
| 사용자 | XU NIE (UID 82414) |
|---|
| 제출 | 2025. 03. 07. PM 04:35 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 03. 24. PM 12:19 (17 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 300727 [Digiwin ERP 5.0.1 UploadAjaxAPI.ashx 파일 권한 상승] |
|---|
| 포인트들 | 17 |
|---|