CVE-2021-27198

CVE-2021-27198

An issue was discovered in Visualware MyConnection Server through 11.0b build 5382. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system.

Source: CVE-2021-27198

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다