The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2021-04-06T11:20:28.608132Z
Updated: 2024-09-16T22:55:37.530Z
Reserved: 2021-03-12T00:00:00
Link: CVE-2021-28173
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-04-06T12:15:17.233
Modified: 2021-04-09T19:15:56.140
Link: CVE-2021-28173
Redhat
No data.