CVE-2021-37105

Name of the Vulnerable Software and Affected Versions FusionCompute versions 6.5.0 through 6.5.1 FusionCompute version 8.0.0

Description The issue is related to improper file upload control. Due to the lack of strict verification of files to be uploaded and insufficient restriction of the file access path, attackers can upload malicious files, leading to service abnormalities.

Recommendations For FusionCompute versions 6.5.0 through 6.5.1, consider restricting file uploads until a patch is available. For FusionCompute version 8.0.0, consider restricting file uploads until a patch is available. As a temporary workaround, consider disabling file upload functionality to minimize the risk of exploitation.