Опубликовано: 29 дек. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 9.3
CVSS3: 9.8
Описание
WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
EPSS
Процентиль: 52%
0.00286
Низкий
9.3 Critical
CVSS4
9.8 Critical
CVSS3
CVE ID
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 9.8
nvd
около 1 месяца назад
WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
EPSS
Процентиль: 52%
0.00286
Низкий
9.3 Critical
CVSS4
9.8 Critical
CVSS3
CVE ID
Дефекты
CWE-434