Описание
Badaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users.
Ссылки
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:uatech:badaso:2.6.3:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05947
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-434
CWE-434
Связанные уязвимости
CVSS3: 9.8
github
около 3 лет назад
Badaso vulnerable to Remote Code Execution (RCE)
EPSS
Процентиль: 90%
0.05947
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-434
CWE-434