Vulnerabilities > CVE-2021-44159 - Unspecified vulnerability in 4Mosan GCB Doctor 20210811

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

4mosan

NVD

Published: 2021-12-20

Updated: 2024-11-21

Summary

4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack.

Vulnerable Configurations

Part	Description	Count
Application	4Mosan 4Mosan GCB Doctor - 4Mosan GCB Doctor 2021-08-11	2

References

https://www.twcert.org.tw/tw/cp-132-5395-eee40-1.html
https://www.twcert.org.tw/tw/cp-132-5395-eee40-1.html