TVN ID | TVN-202112002 |
---|---|
CVE ID | CVE-2021-44159 |
CVSS | 9.8 (Critical) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Affected Products | 4MOSAn GCB Doctor version <= 20210811(2.0) |
Description | 4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack. |
Solution | Update 4MOSAn GCB Doctor version to 20210916(v2.0) |
Credit | Meng Yi Chou |
Public Date | 2021-12-17 |