We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server.
Reserved 2024-10-15 | Published 2024-10-15 | Updated 2024-10-15 | Assigner twcertCWE-434 Unrestricted Upload of File with Dangerous Type
www.twcert.org.tw/tw/cp-132-8152-09e81-1.html
www.twcert.org.tw/en/cp-139-8153-1120e-2.html
Support options