exploitDog

CVE-2022-43192

Опубликовано: 17 нояб. 2022

Источник: nvd

CVSS3: 6.7

EPSS Низкий

Описание

An arbitrary file upload vulnerability in the component /dede/file_manage_control.php of Dedecms v5.7.101 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2022-40886.

Ссылки

https://github.com/linchuzhu/Dedecms-v5.7.101-RCE
Exploit
Third Party Advisory
https://github.com/linchuzhu/Dedecms-v5.7.101-RCE
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dedecms:dedecms:5.7.101:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00146

Низкий

6.7 Medium

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-8j96-j4vp-9j7m

CVSS3: 6.7

github

около 3 лет назад

An arbitrary file upload vulnerability in the component /dede/file_manage_control.php of Dedecms v5.7.101 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2022-40886.

EPSS

Процентиль: 35%

0.00146

Низкий

6.7 Medium

CVSS3

Дефекты

CWE-434

CWE-434