Описание
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-19033
- https://community.jalios.com/jcms/frt_74021/en/blog-jalios-community
- https://drive.google.com/drive/folders/1Wv2wCY-n5PuuvD4MYoRd0NTWC58V3G8B?usp=sharing
- https://github.com/ricardojoserf/CVE-2019-19033
- http://packetstormsecurity.com/files/155419/Jalios-JCMS-10-Backdoor-Account-Authentication-Bypass.html
EPSS
Процентиль: 75%
0.00908
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.8
nvd
около 6 лет назад
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.
EPSS
Процентиль: 75%
0.00908
Низкий