Grand Vice info Co. webopac7 file upload function fails to filter special characters. While logging in with general user’s permission, remote attackers can upload malicious script and execute arbitrary code to control the system or interrupt services.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-5288-9d546-1.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2021-11-15T00:00:00
Updated: 2021-11-15T09:30:20
Reserved: 2021-10-22T00:00:00
Link: CVE-2021-42839
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-15T10:15:07.920
Modified: 2021-11-16T17:24:51.897
Link: CVE-2021-42839
JSON object: View
Redhat Information
No data.
CWE