The file upload functionality of Ai3 QbiBot does not properly restrict types of uploaded files, allowing remote attackers with administrator privilege to upload files with dangerous type containing malicious code.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2024-04-15T03:41:00.113Z
Updated: 2024-08-01T20:20:01.586Z
Reserved: 2024-04-15T03:09:24.829Z
Link: CVE-2024-3778
Vulnrichment
Updated: 2024-08-01T20:20:01.586Z
NVD
Status : Awaiting Analysis
Published: 2024-04-15T04:15:16.747
Modified: 2024-04-15T13:15:31.997
Link: CVE-2024-3778
Redhat
No data.