Опубликовано: 13 фев. 2026
Источник: github
Github: Не прошло ревью
CVSS4: 9.3
CVSS3: 9.8
Описание
Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple webpages running maximum privileges. This could allow an unauthenticated user to potentially obtain remote code execution on the server.
Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple webpages running maximum privileges. This could allow an unauthenticated user to potentially obtain remote code execution on the server.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2026-1358
- https://airleader.us/contact
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-10.json
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-10
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-044.txt
Связанные уязвимости
CVSS3: 9.8
nvd
3 месяца назад
Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple webpages running maximum privileges. This could allow an unauthenticated user to potentially obtain remote code execution on the server.