CVE-2021-26753
CVE-2021-26753
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →