An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management

链接： https://github.com/advisories/GHSA-9pr6-9rp3-fq9v

CVSS 评分： 9.1

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-40599
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0014
https://github.com/advisories/GHSA-9pr6-9rp3-fq9v

描述：

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution.

安全公告

#Github Advisory

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management

http://example.com/2025/07/23/github_26933312/

作者

lianccc

发布于

2025年7月23日

许可协议

Microsoft Scripting Engine (JScript) Type Confusion Vulnerability 上一篇

Possible ORM Leak Vulnerability in the Harbor 下一篇