SecBoard
Zurück zur CVE-Übersicht

CVE-2024-46088

CRITICAL(9.8)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score25/100 — MITTEL
  • CVSS 9.8 — Kritisch

EPSS-Score

1%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

9.8

Technische Schwere

Beschreibung

An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file.

Referenzen