| tiêu đề | Chengdu Sobey Digital Technology Co., Ltd. Sobey Media Convergence System V2.0-2.1 Uploaded File |
|---|
| Mô tả | This interface does not effectively validate and filter uploaded filenames and content. Attackers can construct special requests to upload malicious script files (such as JSPs) with fake extensions and write these script files to the web directory via path traversal (such as ../../). After successful upload, attackers can trigger remote code execution (RCE) by accessing the script. |
|---|
| Nguồn | ⚠️ https://github.com/hacker-routing/cve/issues/1 |
|---|
| Người dùng | routing_love (UID 92805) |
|---|
| Đệ trình | 20/11/2025 07:51 (cách đây 5 các tháng) |
|---|
| Kiểm duyệt | 06/12/2025 09:56 (16 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 334602 [Sobey Media Convergence System 2.0/2.1 upload Tệp tin duyệt thư mục] |
|---|
| điểm | 19 |
|---|