Описание
BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.0.5 (исключая)
cpe:2.3:a:welltend:bpmflowwebkit:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00262
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 9.8
github
около 1 месяца назад
BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
EPSS
Процентиль: 49%
0.00262
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-434