Arbitrary Code Execution via File Upload Vulnerability

CVE-2024-46373

Summary

Dedecms V5.7.115 has a vulnerability in its backend that allows for arbitrary code execution through a malicious file upload. This security flaw enables an attacker to potentially execute unauthorized commands on the server, jeopardizing the integrity and security of the application and its underlying infrastructure. Proper mitigations and updates are essential for users of this product to protect against exploitation.

References