Path Traversal Vulnerability in Chengdu Everbrite Network Technology BeikeShop
CVE-2024-8163
Key Information:
- Status
- Vendor
- CVE Published:
- 26 August 2024
Badges
What is CVE-2024-8163?
A critical path traversal vulnerability exists in Chengdu Everbrite Network Technology's BeikeShop, specifically in the destroyFiles function located in /admin/file_manager/files. This flaw allows attackers to manipulate the 'files' argument, potentially leading to unauthorized file access and deletion. The vulnerability can be exploited remotely, making it a significant threat to users operating with versions up to 1.5.5. Although the vendor was alerted about this vulnerability, there has been no response, escalating the risk of exploitation as details are publicly available. Organizations using affected versions are strongly advised to apply necessary patches and monitor for suspicious activity to mitigate risks associated with this vulnerability.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
BeikeShop 1.5.0
BeikeShop 1.5.1
BeikeShop 1.5.2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved