CVE-2021-46113

2022-01-2512:56:52

mitre

www.cve.org

9.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote code execution vulnerability can be exploited by uploading PHP files using the file upload vulnerability in this service.

References

blog.pocas.kr/posts/rce-KEA-Hotel-ERP/

gist.github.com/P0cas/5aa55f62781364a750ac4a4d47f319fa#cve-2021-46113

www.youtube.com/watch?v=gnSMrvV5e9w