| Название | HuangDou UTCMS V9 RCE |
|---|
| Описание | The cli.php page can execute system commands without authentication. The filtering rules stipulate that commands can only start with cd, php, nohup, or composer. However, system commands can be executed using "nohup whoami". |
|---|
| Источник | ⚠️ https://github.com/DeepMountains/zzz/blob/main/CVE5-1.md |
|---|
| Пользователь | chenzijie0619 (UID 74657) |
|---|
| Представление | 06.10.2024 04:48 (2 лет назад) |
|---|
| Модерация | 12.10.2024 18:16 (7 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 280244 [HuangDou UTCMS V9 cli.php o эскалация привилегий] |
|---|
| Баллы | 14 |
|---|