up.time 7.5.0 Upload / Execute File...

- AV AC AU C I A
发布: 2015-08-22
修订: 2025-04-13

up.time suffers from arbitrary command execution. Attackers can exploit this issue using the monitor service feature and adding a command with respected arguments to given binary for execution. In combination with the CSRF, privilege escalation, arbitrary text file creation, and renaming that file to php you can execute system commands with SYSTEM privileges.

0%
当前有1条漏洞利用/PoC
当前有0条受影响产品信息