Gửi #516292: www.digiwin.com digiwin ERP system v5.1.3 Unauthenticated File Upload Leading to Remote Code Executionthông tin

tiêu đềwww.digiwin.com digiwin ERP system v5.1.3 Unauthenticated File Upload Leading to Remote Code Execution
Mô tảA critical vulnerability has been identified in the Digiwin ERP system, specifically in the file upload functionality of the DoWebUpload method. This vulnerability allows unauthenticated users to upload arbitrary files, potentially leading to remote code execution and complete server compromise.
Nguồn⚠️ https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_4.md
Người dùng
 XU NIE (UID 82414)
Đệ trình07/03/2025 16:33 (cách đây 1 Năm)
Kiểm duyệt24/03/2025 12:19 (17 days later)
Trạng tháiBản sao
Mục VulDB300726 [Digiwin ERP 5.1 /Api/FileUploadApi.ashx DoUpload/DoWebUpload Tệp tin nâng cao đặc quyền]
điểm0

Want to stay up to date on a daily basis?

Enable the mail alert feature now!