|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-07-02 | |
| Rule Name: | Howfor Multimedia Information Publishing System QH.aspx Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Howfor Multimedia information publishing system is a multimedia audio-visual system that releases information through a large-screen terminal display device. Its QH.aspx interface has any file upload vulnerability. Remote attackers without authentication can use this vulnerability to upload any backdoor files and execute malicious commands to obtain server permissions. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |