exploitDog

CVE-2026-1021

Опубликовано: 16 янв. 2026

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Police Statistics Database System developed by Gotac has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attacker to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Ссылки

https://www.twcert.org.tw/en/cp-139-10638-0e44b-2.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-10637-3e4b3-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gotac:police_statistics_database_system:*:*:*:*:*:*:*:*

Версия до 1.0.2 (включая)

EPSS

Процентиль: 49%

0.00262

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-v9cc-297r-8m53

CVSS3: 9.8

github

23 дня назад

Police Statistics Database System developed by Gotac has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attacker to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

EPSS

Процентиль: 49%

0.00262

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434