CVE-2021-28173

Summary

The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login.

Affected Software

VendorProductVersion RangeStatus
VangenedeltaFlow E-platform4affected

Weaknesses

  • CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

References