CVE-2021-44159

Summary

4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack.

Affected Software

VendorProductVersion RangeStatus
4MOSAnGCB Doctorunspecified <= 20210811(2.0)affected

Weaknesses

  • CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

References