Vulnerability Details CVE-2021-44159
4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.048
EPSS Ranking 89.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2021-44159
-
cpe:2.3:a:4mosan:gcb_doctor:-
-
cpe:2.3:a:4mosan:gcb_doctor:2021-08-11