Vulnerability Details CVE-2024-9985
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.3%
CVSS Severity
CVSS v3 Score 10.0
References
Products affected by CVE-2024-9985
-
cpe:2.3:a:ragic:enterprise_cloud_database:-