PT-2026-3033 · Unknown · Chikitsa Patient Management System

0Z09E

Publicado

2026-01-15

Atualizado

2026-01-20

CVE-2021-47757

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Chikitsa Patient Management System version 2.0.2

Description The software contains an authenticated remote code execution issue in the backup restoration functionality. An authenticated attacker can upload a modified backup zip file containing a malicious PHP shell, allowing for the execution of arbitrary system commands on the server.

Recommendations Apply updates to address the issue in the backup restoration functionality.

Exploit

Correção

RCE

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2021-47757

Produtos afetados

Chikitsa Patient Management System

PT-2026-3033 · Unknown · Chikitsa Patient Management System

CVE-2021-47757

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9