A code injection vulnerability has been discovered in the Upgrade function of QibosoftX1 v1.0. An attacker is able execute arbitrary PHP code via exploitation of client_upgrade_edition.php and Upgrade.php.
References
Link | Resource |
---|---|
https://github.com/whiskey-jj/w2s2x2222.github.io/issues/2 | Exploit Issue Tracking Third Party Advisory |
https://www.cnvd.org.cn/flaw/show/2297879 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-05-21T17:11:47
Updated: 2021-05-21T17:11:47
Reserved: 2021-03-01T00:00:00
Link: CVE-2021-27811
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-05-21T18:15:08.453
Modified: 2021-06-03T17:10:09.137
Link: CVE-2021-27811
JSON object: View
Redhat Information
No data.
CWE