CVE-2021-46386 · Vexday

CVE-2021-46386

EPSS 3.1%

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload.

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://gitee.com/mingSoft/MCMS/issues/I4R0GW