CVE-2022-26607

Опубликовано: 06 апр. 2022

Источник: nvd

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file.

Ссылки

http://baigocms.com
Broken Link
https://github.com/baigoStudio/baigoCMS/
Product
Third Party Advisory
https://github.com/baigoStudio/baigoCMS/issues/9
Exploit
Issue Tracking
Third Party Advisory
http://baigocms.com
Broken Link
https://github.com/baigoStudio/baigoCMS/
Product
Third Party Advisory
https://github.com/baigoStudio/baigoCMS/issues/9
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:baigo:baigo_cms:3.0:alpha2:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02715

Низкий

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-xc7v-jvj9-p5fm