Security For Everyone

CNVD-2023-96945 Scanner

McVie Safety Digital Management Platform Arbitrary File Upload Vulnerability Scanner

Short Info

Level

High

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

24 days 9 hours

Scan only one

URL

Toolbox

-

Vulnerability Overview

The McVie Safety Digital Management Platform is found to have a file upload vulnerability that could be exploited by attackers to upload malicious files and potentially gain server permissions.

Vulnerability Details

This vulnerability stems from insufficient validation of uploaded files on the /Content/Plugins/uploader/FileChoose.html endpoint. Attackers can exploit this to upload executable files, leading to unauthorized access or server compromise.

Possible Effects

Unauthorized server access
Execution of arbitrary code
Disclosure of sensitive information

Why Choose S4E

S4E provides:

Comprehensive vulnerability scanning to detect and address security threats.
Detailed insights and remediation guidance to effectively secure your platforms.
Continuous updates and monitoring to safeguard against emerging security vulnerabilities.

References

CSDN Blog Detailing the Vulnerability

Get started to protecting your Free Full Security Scan

Start trial See the plans