CVE-2026-1331

Name of the Vulnerable Software and Affected Versions MeetingHub (affected versions not specified)

Description MeetingHub, developed by HAMASTAR Technology, has an arbitrary file upload issue. This allows unauthenticated remote attackers to upload and execute web shell backdoors, leading to arbitrary code execution on the server. The issue allows for the upload of files, such as

test.php

, via a POST request to the

/upload

API endpoint. Successful exploitation enables remote code execution (RCE) without authentication.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.