Ragic Enterprise Cloud Database Vulnerability: Unvalidated File Type Uploads Lead to Webshell Execution
CVE-2024-9985
9.8CRITICAL
What is CVE-2024-9985?
Ragic's Enterprise Cloud Database suffers from a file upload vulnerability due to improper validation of file types during uploads. This flaw allows attackers with regular user privileges to upload malicious files, such as webshells, which can then be exploited to execute arbitrary code on the remote server. This vulnerability poses a serious threat, enabling unauthorized access and potential control over the affected systems.
Affected Version(s)
Enterprise Cloud Database 0 < 2024/08/08 09:45:25
