← back
CVE-2024-3778

Ai3 QbiBot - Unrestricted File Upload

CVSS 7.2 HIGHEPSS 0.6%CWE-434
The file upload functionality of Ai3 QbiBot does not properly restrict types of uploaded files, allowing remote attackers with administrator privilege to upload files with dangerous type containing malicious code.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Ai3 · QbiBot

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html