PT-2025-26692 · Unknown · Wrc-2533Gst2+1
Tien Phan
·
Publicado
2025-06-24
·
Atualizado
2026-02-03
·
CVE-2025-36519
CVSS v3.1
4.3
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
WRC-2533GST2 (affected versions not specified)
WRC-1167GST2 (affected versions not specified)
Description:
The issue is related to the unrestricted upload of files with dangerous types. If a specially crafted file is uploaded by a remote authenticated attacker, arbitrary code may be executed on the product.
Recommendations:
For WRC-2533GST2, restrict access to file upload functionality to minimize the risk of exploitation.
For WRC-1167GST2, consider disabling file upload functionality until a fix is available.
As a temporary workaround, consider validating and sanitizing all uploaded files to prevent the execution of arbitrary code.
Correção
RCE
Unrestricted File Upload
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wrc-1167Gst2
Wrc-2533Gst2