CVE-2024-3778
CVSS V2 None
CVSS V3 None
Description
The file upload functionality of Ai3 QbiBot does not properly restrict types of uploaded files, allowing remote attackers with administrator privilege to upload files with dangerous type containing malicious code.
Overview
- CVE ID
- CVE-2024-3778
- Assigner
- twcert
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-15T03:41:00.113Z
- Last Modified Date
- 2024-04-15T03:41:00.113Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html | third-party-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-3778 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3778 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-23 22:55:22 | Added to TrackCVE |