CNVD-2023-96945 Scanner
Our scanner targets the arbitrary file upload vulnerability in the McVie Safety Digital Management Platform. This vulnerability allows attackers to upload malicious files, potentially gaining unauthorized server access.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Toolbox
-
Vulnerability Overview
The McVie Safety Digital Management Platform is found to have a file upload vulnerability that could be exploited by attackers to upload malicious files and potentially gain server permissions.
Vulnerability Details
This vulnerability stems from insufficient validation of uploaded files on the /Content/Plugins/uploader/FileChoose.html endpoint. Attackers can exploit this to upload executable files, leading to unauthorized access or server compromise.
Possible Effects
- Unauthorized server access
- Execution of arbitrary code
- Disclosure of sensitive information
Why Choose SecurityForEveryone
SecurityForEveryone provides:
- Comprehensive vulnerability scanning to detect and address security threats.
- Detailed insights and remediation guidance to effectively secure your platforms.
- Continuous updates and monitoring to safeguard against emerging security vulnerabilities.
References
Try it yourself,
control security posture
control security posture