Описание
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.7.6 (исключая)
cpe:2.3:a:quantatw:qoca_aim:*:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.0028
Низкий
8.8 High
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 8.8
github
около 1 месяца назад
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
EPSS
Процентиль: 51%
0.0028
Низкий
8.8 High
CVSS3
Дефекты
CWE-434