Arbitrary Code Execution via File Upload Vulnerability
CVE-2024-46373

Currently unrated

Key Information:

Vendor
Dedecms
Status
Vendor
CVE Published:
18 September 2024

Summary

Dedecms V5.7.115 has a vulnerability in its backend that allows for arbitrary code execution through a malicious file upload. This security flaw enables an attacker to potentially execute unauthorized commands on the server, jeopardizing the integrity and security of the application and its underlying infrastructure. Proper mitigations and updates are essential for users of this product to protect against exploitation.

References

Timeline

  • Vulnerability published

.