Arbitrary Code Execution via File Upload Vulnerability
CVE-2024-46373
Currently unrated
Summary
Dedecms V5.7.115 has a vulnerability in its backend that allows for arbitrary code execution through a malicious file upload. This security flaw enables an attacker to potentially execute unauthorized commands on the server, jeopardizing the integrity and security of the application and its underlying infrastructure. Proper mitigations and updates are essential for users of this product to protect against exploitation.
References
Timeline
Vulnerability published