CVE-2021-46036

CRITICAL9.8EPSS 10.8%

File upload leading to RCE in MCMS

發布日:2022/2/19修改日:2024/2/19

描述

An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code.

受影響套件(1)

CVSS 分數

來源版本嚴重程度向量
osvCVSS 3.1CRITICAL9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

參考連結(2)

CVE-2021-46036 — File upload leading to RCE in MCMS · VulnScope