Gửi #516291: www.digiwin.com digiwin ERP system v5.1 Unrigorous file uploading results in RCEthông tin

tiêu đềwww.digiwin.com digiwin ERP system v5.1 Unrigorous file uploading results in RCE
Mô tảA critical security vulnerability has been identified in the file upload functionality of the Digiwin ERP system. This vulnerability allows unauthenticated users to upload arbitrary files, which can lead to remote code execution (RCE) and potentially grant attackers full control over the server.
Nguồn⚠️ https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_3.md
Người dùng
 XU NIE (UID 82414)
Đệ trình07/03/2025 16:32 (cách đây 1 Năm)
Kiểm duyệt24/03/2025 12:19 (17 days later)
Trạng tháiđược chấp nhận
Mục VulDB300726 [Digiwin ERP 5.1 /Api/FileUploadApi.ashx DoUpload/DoWebUpload Tệp tin nâng cao đặc quyền]
điểm17

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!