PT-2023-29092 · Unknown · Nbs&Happysoftwechat

17817315684

Publicado

2023-08-18

Atualizado

2024-05-17

CVE-2023-4409

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NBS&HappySoftWeChat version 1.1.6

Description A critical issue has been found in the software, affecting some unknown functionality. This issue leads to unrestricted upload and can be exploited remotely. The exploit has been disclosed to the public.

Recommendations For NBS&HappySoftWeChat version 1.1.6, consider restricting access to the affected functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2023-4409

Produtos afetados

Nbs&Happysoftwechat

PT-2023-29092 · Unknown · Nbs&Happysoftwechat

CVE-2023-4409

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8