| TVN ID | TVN-202112002 |
|---|---|
| CVE ID | CVE-2021-44159 |
| CVSS | 9.8 (Critical) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | 4MOSAn GCB Doctor version <= 20210811(2.0) |
| Description | 4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack. |
| Solution | Update 4MOSAn GCB Doctor version to 20210916(v2.0) |
| Credit | Meng Yi Chou |
| Public Date | 2021-12-17 |
:::